www.elfcosmetics.com Open in urlscan Pro
165.254.56.76 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://elfcosmetics.com/
Effective URL:
https://www.elfcosmetics.com/
Submission: On March 03 via api (March 3rd 2023, 10:44:37 am UTC) from RO — Scanned from DE

Summary HTTP 198 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 55 IPs in 8 countries across 66 domains to perform 198 HTTP transactions. The main IP is 165.254.56.76, located in Culver City, United States and belongs to YOTTAA-AS-1, US. The main domain is www.elfcosmetics.com. The Cisco Umbrella rank of the primary domain is 128802.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 8th 2022. Valid for: a year.

This is the only time www.elfcosmetics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	204.141.88.73 204.141.88.73	393259 (YOTTAA-AS-1) (YOTTAA-AS-1)
11	165.254.56.76 165.254.56.76	393259 (YOTTAA-AS-1) (YOTTAA-AS-1)
30	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
12	2606:4700::68... 2606:4700::6813:bb61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.189.65 13.224.189.65	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:9062	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:400d:802::200e	15169 (GOOGLE) (GOOGLE)
1 34	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
4 8	142.251.208.130 142.251.208.130	15169 (GOOGLE) (GOOGLE)
1 1	54.241.49.209 54.241.49.209	16509 (AMAZON-02) (AMAZON-02)
1 2	52.32.82.189 52.32.82.189	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:21f... 2600:9000:21f3:e800:a:b89d:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
2	104.117.196.56 104.117.196.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.227.217.143 13.227.217.143	16509 (AMAZON-02) (AMAZON-02)
3 3	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	52.45.233.190 52.45.233.190	14618 (AMAZON-AES) (AMAZON-AES)
1	185.86.138.154 185.86.138.154	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	46.137.131.3 46.137.131.3	16509 (AMAZON-02) (AMAZON-02)
3 3	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 2	3.64.167.250 3.64.167.250	16509 (AMAZON-02) (AMAZON-02)
1 1	104.111.217.14 104.111.217.14	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	3.125.89.243 3.125.89.243	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4280:e48f:9156:f9ea:12b8	14618 (AMAZON-AES) (AMAZON-AES)
1	188.65.124.66 188.65.124.66	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	2.18.79.139 2.18.79.139	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	13.224.190.131 13.224.190.131	16509 (AMAZON-02) (AMAZON-02)
1	44.230.85.187 44.230.85.187	16509 (AMAZON-02) (AMAZON-02)
1	3.228.92.231 3.228.92.231	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.40.167.203 52.40.167.203	16509 (AMAZON-02) (AMAZON-02)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	34.255.210.6 34.255.210.6	16509 (AMAZON-02) (AMAZON-02)
1	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
2 2	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
2 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1 1	52.57.140.221 52.57.140.221	16509 (AMAZON-02) (AMAZON-02)
1 1	3.67.114.199 3.67.114.199	16509 (AMAZON-02) (AMAZON-02)
3 3	142.250.180.226 142.250.180.226	15169 (GOOGLE) (GOOGLE)
1	3.208.153.42 3.208.153.42	14618 (AMAZON-AES) (AMAZON-AES)
2 2	13.225.78.101 13.225.78.101	16509 (AMAZON-02) (AMAZON-02)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
1 1	104.36.113.107 104.36.113.107	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1 1	45.79.78.239 45.79.78.239	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
1 1	151.101.2.132 151.101.2.132	54113 (FASTLY) (FASTLY)
2 2	192.82.242.209 192.82.242.209	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2600:9000:220... 2600:9000:2204:fe00:15:ad21:c740:93a1	16509 (AMAZON-02) (AMAZON-02)
11	13.224.189.71 13.224.189.71	16509 (AMAZON-02) (AMAZON-02)
2	52.45.0.112 52.45.0.112	14618 (AMAZON-AES) (AMAZON-AES)
1	140.174.14.165 140.174.14.165	393259 (YOTTAA-AS-1) (YOTTAA-AS-1)
1	34.117.233.127 34.117.233.127	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.224.189.56 13.224.189.56	16509 (AMAZON-02) (AMAZON-02)
12	91.235.133.113 91.235.133.113	30286 (THM) (THM)
1	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:5a00:13:d6f4:3240:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.224.189.43 13.224.189.43	16509 (AMAZON-02) (AMAZON-02)
1	34.120.253.250 34.120.253.250	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:1cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6812:1ad3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20e... 2600:9000:20eb:f800:a:7914:b00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	13.224.189.30 13.224.189.30	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
2	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
1 1	13.110.67.157 13.110.67.157	14340 (SALESFORCE) (SALESFORCE)
1	13.110.46.156 13.110.46.156	14340 (SALESFORCE) (SALESFORCE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	44.241.147.216 44.241.147.216	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	50.17.237.61 50.17.237.61	14618 (AMAZON-AES) (AMAZON-AES)
2	52.2.163.124 52.2.163.124	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:21f... 2600:9000:21f3:6600:1b:50c2:4000:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	34.98.72.95 34.98.72.95	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
198	55

1 204.141.88.73 (Morristown, United States) 1 redirects

ASN393259 (YOTTAA-AS-1, US)

elfcosmetics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 165.254.56.76 (Culver City, United States)

ASN393259 (YOTTAA-AS-1, US)

www.elfcosmetics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

cdn-fsly.yottaa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6813:bb61 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-65.fra2.r.cloudfront.net

cdn-scripts.signifyd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9062 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:802::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 52.46.151.131 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.208.130 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s42-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.241.49.209 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-241-49-209.us-west-1.compute.amazonaws.com

pixel.pointmediatracker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.32.82.189 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-32-82-189.us-west-2.compute.amazonaws.com

cnv.event.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21f3:e800:a:b89d:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.117.196.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-196-56.deploy.static.akamaitechnologies.com

static.ordergroove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.217.143 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-217-143.ams54.r.cloudfront.net

cdn.cquotient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.215 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.45.233.190 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-233-190.compute-1.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.154 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.137.131.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-131-3.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.64.167.250 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-167-250.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.217.14 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-14.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.89.243 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-89-243.eu-central-1.compute.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4280:e48f:9156:f9ea:12b8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

amazon.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.65.124.66 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-03-pub-prod-ix7.vip.dailymotion.com

public-prod-dspcookiematching.dmxleo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.79.139 (Vienna, Austria) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-139.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.190.131 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-190-131.fra2.r.cloudfront.net

www.imdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.230.85.187 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-230-85-187.us-west-2.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.228.92.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-92-231.compute-1.amazonaws.com

usersync.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.40.167.203 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-167-203.us-west-2.compute.amazonaws.com

ads.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.255.210.6 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-210-6.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.30 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.140.221 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-140-221.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.67.114.199 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-114-199.eu-central-1.compute.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.180.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.208.153.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-153-42.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.101 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-101.fra2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Norresundby, Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.113.107 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.79.78.239 (Fremont, United States) 1 redirects

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: lciapi-hwd-11.ninthdecimal.com

lciapi.ninthdecimal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.132 (United States) 1 redirects

ASN54113 (FASTLY, US)

pi.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.82.242.209 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2204:fe00:15:ad21:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)

st.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 13.224.189.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-71.fra2.r.cloudfront.net

async-px.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.0.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-0-112.compute-1.amazonaws.com

px.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 140.174.14.165 (Frankfurt am Main, Germany)

ASN393259 (YOTTAA-AS-1, US)

qoe-1.yottaa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.233.127 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 127.233.117.34.bc.googleusercontent.com

elfco11111.pcapredict.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-56.fra2.r.cloudfront.net

plugins-media.perfectcorp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 91.235.133.113 (United States)

ASN30286 (THM, US)

imgs.cdn-btsg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:5a00:13:d6f4:3240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.usehero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-43.fra2.r.cloudfront.net

track.custora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.wknd.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1cc (United States)

ASN13335 (CLOUDFLARENET, US)

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:1ad3 (United States)

ASN13335 (CLOUDFLARENET, US)

edge.curalate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:f800:a:7914:b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.jebbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-30.fra2.r.cloudfront.net

analytics-sm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

w2txo5aaukx5wkdxjpzkppltoswpxyyqziplnt5g22e961122da7e07fam1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.110.67.157 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: dcl4-ncg1-c6-iad5.na153-ia5.force.com

elfcosmetics.secure.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.110.46.156 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl15-ncg1-c6-iad5.na153-ia5.salesforce.com

elfcosmetics.my.salesforce-sites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.241.147.216 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-147-216.us-west-2.compute.amazonaws.com

e.cquotient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:cc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.17.237.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-237-61.compute-1.amazonaws.com

t.custora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.2.163.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-163-124.compute-1.amazonaws.com

api.usehero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:6600:1b:50c2:4000:93a1 (United States)

ASN16509 (AMAZON-02, US)

external-api.jebbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 267	25 KB
31	yottaa.net cdn-fsly.yottaa.net — Cisco Umbrella Rank: 15148 qoe-1.yottaa.net — Cisco Umbrella Rank: 7159	8 MB
17	dynamicyield.com cdn.dynamicyield.com — Cisco Umbrella Rank: 7656 st.dynamicyield.com — Cisco Umbrella Rank: 7447 async-px.dynamicyield.com — Cisco Umbrella Rank: 7519 px.dynamicyield.com — Cisco Umbrella Rank: 27325	264 KB
12	cdn-btsg.com imgs.cdn-btsg.com — Cisco Umbrella Rank: 10470	87 KB
12	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 372	231 KB
12	elfcosmetics.com 1 redirects elfcosmetics.com — Cisco Umbrella Rank: 94955 www.elfcosmetics.com — Cisco Umbrella Rank: 128802	920 KB
9	googlesyndication.com 4 redirects ade.googlesyndication.com — Cisco Umbrella Rank: 278 pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	2 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2425	40 KB
6	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 339	22 KB
5	bounceexchange.com assets.bounceexchange.com — Cisco Umbrella Rank: 1842	155 KB
4	curalate.com edge.curalate.com — Cisco Umbrella Rank: 8088	218 KB
4	acsbapp.com acsbapp.com — Cisco Umbrella Rank: 3132 cdn.acsbapp.com — Cisco Umbrella Rank: 3290	200 KB
4	yahoo.com 4 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 265 cms.analytics.yahoo.com — Cisco Umbrella Rank: 848	2 KB
3	online-metrix.net h.online-metrix.net — Cisco Umbrella Rank: 3176 w2txo5aaukx5wkdxjpzkppltoswpxyyqziplnt5g22e961122da7e07fam1.e.aa.online-metrix.net	17 KB
3	usehero.com cdn.usehero.com — Cisco Umbrella Rank: 32412 api.usehero.com — Cisco Umbrella Rank: 36951	28 KB
3	pubmatic.com 3 redirects image2.pubmatic.com — Cisco Umbrella Rank: 846 image6.pubmatic.com — Cisco Umbrella Rank: 725	974 B
3	doubleclick.net 3 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 202	917 B
3	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431	2 KB
3	360yield.com 3 redirects match.360yield.com — Cisco Umbrella Rank: 2292	1 KB
3	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 203	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	243 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 105	260 B
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 2635
2	analytics-sm.com analytics-sm.com — Cisco Umbrella Rank: 17785	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	138 KB
2	jebbit.com js.jebbit.com — Cisco Umbrella Rank: 53652 external-api.jebbit.com — Cisco Umbrella Rank: 35339	94 KB
2	custora.com track.custora.com — Cisco Umbrella Rank: 83754 t.custora.com — Cisco Umbrella Rank: 71508	7 KB
2	semasio.net 2 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1141	1 KB
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 422	352 B
2	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 152	542 B
2	serving-sys.com 2 redirects bs.serving-sys.com — Cisco Umbrella Rank: 1400 lm.serving-sys.com — Cisco Umbrella Rank: 2290	778 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 709	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 590	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 198	2 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 313 token.rubiconproject.com — Cisco Umbrella Rank: 541	674 B
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 585 usermatch.krxd.net — Cisco Umbrella Rank: 1402	358 B
2	stickyadstv.com 2 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 624	2 KB
2	myvisualiq.net 2 redirects t.myvisualiq.net — Cisco Umbrella Rank: 1688	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 277	882 B
2	cquotient.com cdn.cquotient.com — Cisco Umbrella Rank: 6085 e.cquotient.com — Cisco Umbrella Rank: 8834	21 KB
2	ordergroove.com static.ordergroove.com — Cisco Umbrella Rank: 25153	58 KB
2	bidr.io 1 redirects cnv.event.prod.bidr.io — Cisco Umbrella Rank: 8967	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 195	40 KB
1	salesforce-sites.com elfcosmetics.my.salesforce-sites.com — Cisco Umbrella Rank: 343461	3 KB
1	force.com 1 redirects elfcosmetics.secure.force.com — Cisco Umbrella Rank: 338897	643 B
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 2555	6 KB
1	wknd.ai tag.wknd.ai — Cisco Umbrella Rank: 4522	5 KB
1	perfectcorp.com plugins-media.perfectcorp.com — Cisco Umbrella Rank: 167057	116 KB
1	pcapredict.com elfco11111.pcapredict.com — Cisco Umbrella Rank: 274035	15 KB
1	taboola.com 1 redirects sync.taboola.com — Cisco Umbrella Rank: 930	168 B
1	ispot.tv 1 redirects pi.ispot.tv — Cisco Umbrella Rank: 2306	343 B
1	ninthdecimal.com 1 redirects lciapi.ninthdecimal.com — Cisco Umbrella Rank: 3639	750 B
1	exelator.com loadus.exelator.com — Cisco Umbrella Rank: 1317	324 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 338	140 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1084	213 B
1	samba.tv 1 redirects ads.samba.tv — Cisco Umbrella Rank: 5234	656 B
1	samplicio.us usersync.samplicio.us — Cisco Umbrella Rank: 2745	186 B
1	imdb.com 1 redirects www.imdb.com — Cisco Umbrella Rank: 2672	877 B
1	dmxleo.com public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 4003	123 B
1	tremorhub.com amazon.partners.tremorhub.com — Cisco Umbrella Rank: 5050	183 B
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 549	471 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 481	484 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 571	163 B
1	pointmediatracker.com 1 redirects pixel.pointmediatracker.com — Cisco Umbrella Rank: 3473	486 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 603	304 B
1	signifyd.com cdn-scripts.signifyd.com — Cisco Umbrella Rank: 9408	2 KB
198	66

	Domain	Requested by
34	s.amazon-adsystem.com	1 redirects www.elfcosmetics.com s.amazon-adsystem.com
30	cdn-fsly.yottaa.net	www.elfcosmetics.com cdn-fsly.yottaa.net
12	imgs.cdn-btsg.com	www.elfcosmetics.com imgs.cdn-btsg.com
12	cdn.cookielaw.org	www.elfcosmetics.com cdn.cookielaw.org
11	async-px.dynamicyield.com	cdn.dynamicyield.com
11	www.elfcosmetics.com	cdn-fsly.yottaa.net www.elfcosmetics.com
8	ade.googlesyndication.com	4 redirects www.elfcosmetics.com
7	www.google-analytics.com	www.elfcosmetics.com
6	cdn.jsdelivr.net	www.elfcosmetics.com
5	assets.bounceexchange.com	www.elfcosmetics.com
4	edge.curalate.com	www.elfcosmetics.com edge.curalate.com
3	cdn.acsbapp.com	acsbapp.com
3	cm.g.doubleclick.net	3 redirects
3	ups.analytics.yahoo.com	3 redirects
3	match.360yield.com	3 redirects
3	ib.adnxs.com	3 redirects
3	cdn.dynamicyield.com	www.elfcosmetics.com
3	www.googletagmanager.com	www.elfcosmetics.com
2	www.facebook.com
2	api.usehero.com	cdn.usehero.com
2	h.online-metrix.net	imgs.cdn-btsg.com
2	us-central1-adaptive-growth.cloudfunctions.net	cdn.pdst.fm
2	analytics-sm.com	www.elfcosmetics.com
2	connect.facebook.net	www.elfcosmetics.com
2	px.dynamicyield.com	cdn.dynamicyield.com
2	image6.pubmatic.com	2 redirects
2	uipglob.semasio.net	2 redirects
2	us-u.openx.net	s.amazon-adsystem.com
2	sb.scorecardresearch.com	2 redirects
2	sync.search.spotxchange.com	2 redirects
2	c1.adform.net	2 redirects
2	dpm.demdex.net	2 redirects
2	ads.stickyadstv.com	2 redirects
2	t.myvisualiq.net	2 redirects
2	x.bidswitch.net	2 redirects
2	dsum-sec.casalemedia.com	2 redirects
2	static.ordergroove.com	www.elfcosmetics.com
2	cnv.event.prod.bidr.io	1 redirects www.elfcosmetics.com
1	external-api.jebbit.com	js.jebbit.com
1	t.custora.com
1	region1.google-analytics.com	www.googletagmanager.com
1	e.cquotient.com	www.elfcosmetics.com
1	cdnjs.cloudflare.com	www.elfcosmetics.com
1	elfcosmetics.my.salesforce-sites.com
1	elfcosmetics.secure.force.com	1 redirects
1	w2txo5aaukx5wkdxjpzkppltoswpxyyqziplnt5g22e961122da7e07fam1.e.aa.online-metrix.net
1	js.jebbit.com	www.elfcosmetics.com
1	acsbapp.com	www.elfcosmetics.com
1	cdn.pdst.fm	www.elfcosmetics.com
1	tag.wknd.ai	www.elfcosmetics.com
1	track.custora.com	www.elfcosmetics.com
1	cdn.usehero.com	www.elfcosmetics.com
1	pagead2.googlesyndication.com	www.elfcosmetics.com
1	plugins-media.perfectcorp.com	www.elfcosmetics.com
1	elfco11111.pcapredict.com	www.elfcosmetics.com
1	qoe-1.yottaa.net	www.elfcosmetics.com
1	st.dynamicyield.com	www.elfcosmetics.com
1	sync.taboola.com	1 redirects
1	pi.ispot.tv	1 redirects
1	lciapi.ninthdecimal.com	1 redirects
1	loadus.exelator.com	s.amazon-adsystem.com
1	token.rubiconproject.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	eb2.3lift.com	s.amazon-adsystem.com
1	ssum-sec.casalemedia.com	1 redirects
1	usermatch.krxd.net	s.amazon-adsystem.com
1	lm.serving-sys.com	1 redirects
1	bs.serving-sys.com	1 redirects
1	odr.mookie1.com	s.amazon-adsystem.com
1	pixel.rubiconproject.com	1 redirects
1	ads.samba.tv	1 redirects
1	usersync.samplicio.us	s.amazon-adsystem.com
1	beacon.krxd.net	s.amazon-adsystem.com
1	www.imdb.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	public-prod-dspcookiematching.dmxleo.com	s.amazon-adsystem.com
1	amazon.partners.tremorhub.com	s.amazon-adsystem.com
1	tags.bluekai.com	1 redirects
1	aa.agkn.com	1 redirects
1	rtb-csync.smartadserver.com	s.amazon-adsystem.com
1	cdn.cquotient.com	www.elfcosmetics.com
1	pixel.pointmediatracker.com	1 redirects
1	geolocation.onetrust.com	cdn.cookielaw.org
1	cdn-scripts.signifyd.com	www.elfcosmetics.com
1	elfcosmetics.com	1 redirects
198	85

This site contains links to these domains. Also see Links.

Domain
shadefinder.elfcosmetics.com
www.youtube.com
www.bazaarvoice.com
instagram.com
www.facebook.com
www.pinterest.com
twitter.com
www.snapchat.com
www.linkedin.com
www.tiktok.com
blog.elfcosmetics.com
www.elfbeauty.com
elfcosmetics.onelink.me
privacyportal-cdn.onetrust.com
cookiepedia.co.uk
tcf.cookiepedia.co.uk
www.onetrust.com
accessibe.com

Subject Issuer	Validity	Valid
*.elfcosmetics.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-08` - `2023-10-22`	a year	crt.sh
*.yottaa.net GlobalSign RSA OV SSL CA 2018	`2022-09-08` - `2023-10-10`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
cdn-scripts.signifyd.com Amazon RSA 2048 M01	`2023-02-21` - `2023-08-31`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-21`	a year	crt.sh
*.dynamicyield.com Amazon RSA 2048 M02	`2023-02-28` - `2023-10-17`	8 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.ordergroove.com Go Daddy Secure Certificate Authority - G2	`2022-08-24` - `2023-08-10`	a year	crt.sh
*.cquotient.com Amazon RSA 2048 M01	`2023-02-17` - `2023-06-03`	4 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
public-prod-dspcookiematching.dmxleo.com ZeroSSL RSA Domain Secure Site CA	`2023-02-16` - `2023-05-17`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-02-26`	a year	crt.sh
*.samplicio.us Amazon RSA 2048 M01	`2022-11-16` - `2023-12-15`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
usermatch.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-02-20`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M01	`2023-02-10` - `2023-06-11`	4 months	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-10`	a year	crt.sh
*.pcapredict.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-22` - `2023-08-22`	a year	crt.sh
*.perfectcorp.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-11` - `2023-03-11`	a year	crt.sh
imgs.signifyd.com Go Daddy Secure Certificate Authority - G2	`2022-12-19` - `2023-12-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.usehero.com Amazon RSA 2048 M01	`2023-03-01` - `2023-10-26`	8 months	crt.sh
*.custora.com Amazon RSA 2048 M02	`2023-02-23` - `2023-08-12`	6 months	crt.sh
tag.wknd.ai R3	`2023-01-24` - `2023-04-24`	3 months	crt.sh
cdn.pdst.fm GTS CA 1D4	`2023-01-28` - `2023-04-28`	3 months	crt.sh
*.acsbapp.com GTS CA 1P5	`2023-01-06` - `2023-04-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-29` - `2023-05-29`	a year	crt.sh
*.jebbit.com Amazon RSA 2048 M01	`2023-02-23` - `2023-07-22`	5 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-10`	2 months	crt.sh
*.analytics-sm.com Amazon RSA 2048 M02	`2023-02-21` - `2023-07-16`	5 months	crt.sh
misc.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2023-01-09` - `2024-01-23`	a year	crt.sh
*.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2022-06-08` - `2023-07-10`	a year	crt.sh
api.usehero.com Amazon RSA 2048 M01	`2023-02-05` - `2024-03-05`	a year	crt.sh
assets.bounceexchange.com GTS CA 1D4	`2023-01-25` - `2023-04-25`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.elfcosmetics.com/
Frame ID: F6D52A1C02D59C56FDCA57EC479F2F75
Requests: 140 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7c47b8bb-e11b-0720-eec5-8b2566f84002%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.elfcosmetics.com/&ex-hargs=v%3D1.0%3Bc%3D8578348900501%3Bp%3D7C47B8BB-E11B-0720-EEC5-8B2566F84002&cb=49939356868183850&dcc=t
Frame ID: DE563E72C1DC7588044A3CC5EBD848CE
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=psyXZztARUqkHWVnX1Wdcg&dmt=3&ex-pl-n-g-hmt=Uu2twxRrQiOCnFYYh4TqyQ&ep=ttam_T219Ay-cPciHbT10mtQxdV2-zXVOnH-S51T8zu0pBk-TgVPXjMn42fvSYa3qn7ZQaT9bH4iDANDTyEBk9M5SeIDujunAfIXUY4gkMDQtLI2G4YZt3i-bPI-mThF9_sC4t9L7QVItap9WJ7LilNoUiKidwhgMY8qBEDs4KlFAw_dDGcuh6GQ0vDGeBqJeiVUvvpukxhAXe5Hq5y05d2PV8ryE1mmMO-deNM-T-pd0sbila4NkBbLQf50V8gVwEOUHzdBhNMsEpLZEGT6cSaiIrLKkbD_UPc6KDfeOtBoA9PeKTEZNZu9XYQaXgrkgYWx73MGAiAQ61MjudPbOWe9sb8SbUDqBKZJSFT5RNIVu-gvVl-XIHU6hrBJRKnL0ReAn4szIFSurZ8eH951uO1qYJvixeoaJObw_D4PrVRMFJAnz6JeMgjeYLcaLXaLrj-Q1RpBfu07NYUhOaegGcxVqgmKTr0tpT9i1oSRZ1W0i9VB4JS2u4JgNVMYLhzJdhKUJBWSK4sOR_qGYE5tJlzZkndC9zxBeMjcN-wcmn5Gq2I1yYYSMV60genWabjseAtxwpLSgz4zDcz4PSGeMiMmJx-2hQ3zv3eFfPQA7uYyNtX8UubHPYzduSLFbXLzhqN6x6gR4zoa_5kCnFS41x4YJKQ05VkIdnEt6KlEz1OdO0HGtlw67AGVxAPk6T_aH0vTplkGjwH09vM1GNgV4w
Frame ID: AA65C6EB93168C36C32B839BF2CCC406
Requests: 43 HTTP requests in this frame

Frame: https://imgs.cdn-btsg.com/fp/check.js;CIS3SID=7101FD5C54E23C39CFED086FC7AED14E?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs85yti5ody2zjyxnwm5zjvlmtbinju5zgzlnq&nonce=22e961122da7e07f&jb=35312426687b6777355f616c646d75732c687b6735556164666d757325303a3b382e6071607735436072676d6f26627168374b60786d65652f3832393930
Frame ID: 13F2B79EAE514C7AE7CBD6E017E32F71
Requests: 9 HTTP requests in this frame

Frame: https://imgs.cdn-btsg.com/fp/ls_fp.html;CIS3SID=7101FD5C54E23C39CFED086FC7AED14E?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs85yti5ody2zjyxnwm5zjvlmtbinju5zgzlnq&nonce=22e961122da7e07f
Frame ID: 0456B546CB40F8DBFEFBB97CF8D36010
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=7101FD5C54E23C39CFED086FC7AED14E?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs85yti5ody2zjyxnwm5zjvlmtbinju5zgzlnq&nonce=22e961122da7e07f
Frame ID: 6B99BBE8C110D5078176221DB71DA9D4
Requests: 2 HTTP requests in this frame

Frame: https://imgs.cdn-btsg.com/fp/top_fp.html;CIS3SID=7101FD5C54E23C39CFED086FC7AED14E?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs85yti5ody2zjyxnwm5zjvlmtbinju5zgzlnq&nonce=22e961122da7e07f
Frame ID: 11CC8ED347E0EC25424C8E588EF5FEBE
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 0E0AC035635536DFE8EC21E195560438
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Affordable Drugstore Makeup & Skincare Products | e.l.f. Cosmeticsbinocularsunlockgiftshopping baggoogle-elfSign InBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

https://elfcosmetics.com/ HTTP 301
https://www.elfcosmetics.com/ Page URL

Detected technologies

Salesforce Commerce Cloud (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

/demandware\.static/

Dynamic Yield (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

cdn\.dynamicyield\.\w+/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

198
Requests

79 %
HTTPS

24 %
IPv6

66
Domains

85
Subdomains

55
IPs

8
Countries

11065 kB
Transfer

19294 kB
Size

82
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://shadefinder.elfcosmetics.com/?utm_source=elf-cosmetics&utm_medium=web&utm_campaign=mime-shade-finder&utm_term=link-global-navigation-face
Title: Foundation Shade Finder

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/Oxah4Q5athY?rel=0&autoplay=1

Search URL Search Domain Scan URL

URL: https://www.bazaarvoice.com/products/visual-and-social-content/?utm_source=MkivvfJLOokBjajT&utm_medium=referral&utm_campaign=powered-by&utm_term=layout

Search URL Search Domain Scan URL

URL: https://instagram.com/elfcosmetics/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/elfcosmetics/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/eyeslipsfacedotcom

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/elfcosmetics/

Search URL Search Domain Scan URL

URL: https://twitter.com/elfcosmetics

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/add/elfcosmetics

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/e-l-f-cosmetics/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@elfyeah/

Search URL Search Domain Scan URL

URL: http://blog.elfcosmetics.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.elfbeauty.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://elfcosmetics.onelink.me/wTtZ/WebsiteFooter

Search URL Search Domain Scan URL

URL: https://privacyportal-cdn.onetrust.com/dsarwebform/41508589-2ea0-4f6f-a103-922358595624/4d9f0146-ffb8-404e-9f05-73841fe03610.html
Title: Do Not Sell or Share My Personal Info/Opt Out of Targeted Ads

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://tcf.cookiepedia.co.uk/?lang=en
Title: | View Full Legal Text Opens in a new Tab

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

URL: https://accessibe.com/?utm_medium=link&utm_source=widget
Title: Web Accessibility By Learn More

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://elfcosmetics.com/ HTTP 301
https://www.elfcosmetics.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7c47b8bb-e11b-0720-eec5-8b2566f84002%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.elfcosmetics.com/&ex-hargs=v%3D1.0%3Bc%3D8578348900501%3Bp%3D7C47B8BB-E11B-0720-EEC5-8B2566F84002&cb=49939356868183850 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7c47b8bb-e11b-0720-eec5-8b2566f84002%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.elfcosmetics.com/&ex-hargs=v%3D1.0%3Bc%3D8578348900501%3Bp%3D7C47B8BB-E11B-0720-EEC5-8B2566F84002&cb=49939356868183850&dcc=t

Request Chain 18

https://ade.googlesyndication.com/ddm/activity/src=9231397;type=retarget;cat=globa0;ord=1293218029334;gtm=45He3310;gcs=G100;u6=%2F;u4=False;u8=undefined;u10=undefined;u12=undefined;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CLL_6YrKv_0CFWsMewod_QgFxQ;type=retarget;cat=globa0;ord=1293218029334;gtm=45He3310;gcs=G100;u6=%2F;u4=False;u8=undefined;u10=undefined;u12=undefined;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F

Request Chain 19

https://ade.googlesyndication.com/ddm/activity/src=10265292;type=conte0;cat=homep0;ord=2166362061524;gtm=45He3310;gcs=G100;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CM6A6orKv_0CFVEMogMdrAAP4g;type=conte0;cat=homep0;ord=2166362061524;gtm=45He3310;gcs=G100;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F

Request Chain 20

https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flap;ord=2797990733248;gtm=45He3310;gcs=G100;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=COiE6orKv_0CFYy1GAody9oEDQ;type=elf8j0;cat=glo_flap;ord=2797990733248;gtm=45He3310;gcs=G100;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F

Request Chain 21

https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flhp;ord=7531159779957;gtm=45He3310;gcs=G100;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CJGG6orKv_0CFbEJewodl3UIjw;type=elf8j0;cat=glo_flhp;ord=7531159779957;gtm=45He3310;gcs=G100;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F

Request Chain 22

https://pixel.pointmediatracker.com/kpi?c=elfcosmetics&kpi=visit&tag_id=244&fpc=7c569ced-2f06-4382-b136a59641848c3c&utm_source=undefined&utm_medium=undefined&utm_campaign=undefined&gtmcb=2015495548 HTTP 302
https://cnv.event.prod.bidr.io/log/cnv?tag_id=244&buzz_key=blisspoint&value=elfcosmetics&segment_key=&order=b1c2ee1d-6030-4ca5-8d29-e130fda71d86.null&ord=6658227172862361325 HTTP 303
https://cnv.event.prod.bidr.io/log/cnv?tag_id=244&buzz_key=blisspoint&value=elfcosmetics&segment_key=&order=b1c2ee1d-6030-4ca5-8d29-e130fda71d86.null&ord=6658227172862361325&_bee_ppp=1

Request Chain 56

https://ib.adnxs.com/setuid/a9?entity=188&code=2jbCmiMaRa6iVkJVz7mzHg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3D2jbCmiMaRa6iVkJVz7mzHg%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=2jbCmiMaRa6iVkJVz7mzHg

Request Chain 57

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=4aD8_1bHSq6SxkhPRcmb3w&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DimprovedigitalHMT%26id%3D%7BPUB_USER_ID%7D HTTP 302
https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=4aD8_1bHSq6SxkhPRcmb3w&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DimprovedigitalHMT%26id%3D%7BPUB_USER_ID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=improvedigitalHMT&id=86157649-c12e-4e7f-bcdd-f26e34ebafc1

Request Chain 59

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=219383204444001191910&ex=neustar.biz

Request Chain 60

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=OmGFJkhKRjKucIrV7StePw&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=OmGFJkhKRjKucIrV7StePw&C=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZAHPkJlgvj-x6IVxGHUUxwAA

Request Chain 61

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=1e449b17a35d98be596cc66be7c05ce3

Request Chain 62

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Request Chain 63

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=AV1l1TWcT7exsSe1kAfclg HTTP 302
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=AV1l1TWcT7exsSe1kAfclg&verify=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=AV1l1TWcT7exsSe1kAfclg

Request Chain 64

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=392b8d9e-7e27-4a24-b6d6-2304ed20cd6d

Request Chain 67

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini HTTP 302
https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini HTTP 302
https://s.amazon-adsystem.com/ecm3?id=y-cbKSf6VE2pF4eSfk54NCCKItGTSz5GuVL1kj~A&status=OK&ex=gemini

Request Chain 68

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=7b95ce6971fe48bebabdd4e7eba8d1a&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Request Chain 69

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 71

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=86157649-c12e-4e7f-bcdd-f26e34ebafc1&ex=improvedigital.com

Request Chain 73

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10d6fe52703de2bd9

Request Chain 74

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=-R3PeQ4TRRW7NUngykSyXw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-R3PeQ4TRRW7NUngykSyXw

Request Chain 75

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=y1vjxFVbScmNWdoFyviJdQ&redirectId=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=7b95ce6971fe48bebabdd4e7eba8d1a&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=y1vjxFVbScmNWdoFyviJdQ

Request Chain 76

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=cY6KKA_AQfmzUDFXTMRZSw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=cY6KKA_AQfmzUDFXTMRZSw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=39386112616114618361621203515606872314

Request Chain 78

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6231478361057314790

Request Chain 79

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=61e3d734-b9b0-11ed-8703-18c6427b0306 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=61e3d6e5-b9b0-11ed-8703-18c6427b0306

Request Chain 80

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22eedf7fae-0e0d-4827-8b14-16947f3ff00c%22,%22Time%22:%2220230303T104432.670605%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=eedf7fae-0e0d-4827-8b14-16947f3ff00c

Request Chain 81

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm=&ex=doubleclick.net&google_tc= HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEPqoQILUi95Mgc3cNl9P0AI&google_cver=1

Request Chain 83

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=9b5cef6960e5d20257e989f3ab7c8f19

Request Chain 85

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=LVP4oMlU9EeBusZFYRB68jc4dAI4ZgAC

Request Chain 87

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=8B022BE7DBD91FB4

Request Chain 88

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=5530005640573688319&ex=appnexus.com

Request Chain 89

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=pab5FX8aR_-qMpxW0E6pqA&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%3D%24%7BDSP_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=pab5FX8aR_-qMpxW0E6pqA

Request Chain 90

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=wmJa94StpXxSBcLP7dgYGsWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

Request Chain 91

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=Uu2twxRrQiOCnFYYh4TqyQ& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 93

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=EF4E4F2D91CF0164B40C75A9028F08E4

Request Chain 94

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=d77d55460610b5b377fb0086c323e69208209ef253afc5e511cd7abbfa397848

Request Chain 95

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=990A6B09-22F9-46CC-9FAB-AE3FD9C5A3A8

Request Chain 97

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=254509e6-c452-4ff3-87c6-f998332548c1-tuctafb5511

Request Chain 158

https://elfcosmetics.secure.force.com/resource/einsteinBot/js/nfEmbeddedService.js?_=1677840270862 HTTP 301
https://elfcosmetics.my.salesforce-sites.com/resource/einsteinBot/js/nfEmbeddedService.js?_=1677840270862

198 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.elfcosmetics.com/
Redirect Chain

https://elfcosmetics.com/
https://www.elfcosmetics.com/

396 KB
98 KB

535ms
105ms

Document
text/html

165.254.56.76
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 165.254.56.76 Culver City, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 107abdab47bc6e811abe1faefede9dcfa66994af4579784d525cca586b58c48e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cf-cache-status: DYNAMIC
cf-ray: 7a21484da89a7777-LHR
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 03 Mar 2023 10:44:30 GMT
pragma: no-cache
vary: accept-encoding
x-dw-request-base-id: yZx5suy6AWQBAAB_
x-yottaa-metrics: 3421a5fe3895/[6,-,-] 34D1a5fe384c/[-,8.116]
x-yottaa-optimizations: ob/1001000000100001100 si/34D1a5fe384c-1677800067-4849442264 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0

Redirect headers

age: 0
content-length: 1198
content-type: text/html; charset=utf-8
date: Fri, 03 Mar 2023 10:44:30 GMT
location: https://www.elfcosmetics.com/
vary: User-Agent
x-yottaa-fw: fb/100000 tid/5dc1b889d93140235f4e4af6 rid/5dcae39ad9314072a73e54af stid/5ad7b08e2bb0ac0c5ba3d38c
x-yottaa-metrics: 26D1cc8d5849/[-,0.481]
x-yottaa-optimizations: ob/0 si/26D1cc8d5849-1677800067-7315173369 tts/1677840270138 ti/0 ai/5dc1b889d93140235f4e4af6

GET
H2 200 AssistantRegular.woff2
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw4de7574d/fonts/ 16 KB
16 KB 73ms
11ms Font
font/woff2 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw4de7574d/fonts/AssistantRegular.woff2?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 400efdf33f8a4a3eaa2b9f6bd5134f1f2920dd0d2c9f9199c27087550e89876b

Request headers

Referer: https://www.elfcosmetics.com/
Origin: https://www.elfcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Fri, 31 Mar 2023 17:28:20 GMT
date: Fri, 03 Mar 2023 10:44:30 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 34061
x-yottaa-optimizations: ob/1 si/3811cc023144-1674763517-835899696 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 16488
x-served-by: cache-hhn-etou8220034-HHN
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1677840271.823718,VS0,VE2
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023193/[18,15,-] 3811cc023144/[hit]
accept-ranges: bytes
cf-ray: 7a1e09492a478ce8-EWR
x-dw-request-base-id: fgKpZzSL_2MBAAB_
x-cache-hits: 1

GET
H2 200 AssistantBold.woff2
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw82d4e320/fonts/ 16 KB
17 KB 71ms
9ms Font
font/woff2 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw82d4e320/fonts/AssistantBold.woff2?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c66960fd249e74cd61ae9b9ed92f21e038feb67be2f7c4c9ced6f00cfb193bf5

Request headers

Referer: https://www.elfcosmetics.com/
Origin: https://www.elfcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Fri, 31 Mar 2023 23:38:00 GMT
date: Fri, 03 Mar 2023 10:44:30 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 97059
x-yottaa-optimizations: ob/0 si/3811cc023143-1674763518-2074576534 tts/1677806164521 ti/5a0c9b7632f01c35d4210314 ai/5a0c9b7632f01c35d42102ae tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 16748
x-served-by: cache-hhn-etou8220034-HHN
x-yottaa-forcecache: true
last-modified: Mon, 16 Dec 2019 19:20:37 GMT
server: cloudflare
x-timer: S1677840271.823872,VS0,VE1
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2562669
x-yottaa-metrics: 3821cc023166/[17,13,-] 3811cc023143/[-,18.609]
accept-ranges: bytes
cf-ray: 7a1e0b4a5d9115d7-EWR
x-dw-request-base-id: mMoizdjh_2MBAAB_
x-cache-hits: 1

GET
H2 200 fontawesome-webfont.woff2
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw00716dd6/fonts/ 55 KB
56 KB 73ms
12ms Font
font/woff2 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw00716dd6/fonts/fontawesome-webfont.woff2?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer: https://www.elfcosmetics.com/
Origin: https://www.elfcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Fri, 31 Mar 2023 19:41:30 GMT
date: Fri, 03 Mar 2023 10:44:30 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 34069
x-yottaa-optimizations: ob/1 si/3811cc023141-1674763518-2084213873 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 56780
x-served-by: cache-hhn-etou8220034-HHN
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1677840271.823841,VS0,VE2
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc02317f/[18,15,-] 3811cc023141/[hit]
accept-ranges: bytes
cf-ray: 7a1e091a6a6832d0-EWR
x-dw-request-base-id: fgKf1Wqq_2MBAAB_
x-cache-hits: 1

GET
H2 200 jquery-2.1.1.min.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/lib/jquery/ 82 KB
29 KB 90ms
28ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/lib/jquery/jquery-2.1.1.min.js?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Sun, 02 Apr 2023 09:12:04 GMT
date: Fri, 03 Mar 2023 10:44:30 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: HIT
age: 5449
x-yottaa-optimizations: ob/1000 si/2611cc028373-1675284456-1871634169 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 29492
x-served-by: cache-hhn-etou8220046-HHN
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1677840271.825335,VS0,VE1
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc023045/[17,12,-] 2611cc028373/[-,33.257]
accept-ranges: bytes
cf-ray: 7a20c3d6bbdd232f-ORD
x-dw-request-base-id: mMrF_uS5AWQBAAB_
x-cache-hits: 1

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 25 KB
9 KB 62ms
21ms Script
application/javascript 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da9a77e15c8cbf2596563d3bc8020cc9e547d2b99976a0b77f5eeadf1c492feb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Mar 2023 10:44:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ewgd1d1Vp0nFNYpIMiFTtA==
age: 40847
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 8460
x-ms-lease-status: unlocked
last-modified: Wed, 01 Mar 2023 20:31:53 GMT
server: cloudflare
etag: 0x8DB1A93FE4DDD82
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5d23d0a2-301e-0038-0725-4d99bf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7a2148dc89865bf5-FRA

GET
H2 200 style.min.css
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/css/ 805 KB
137 KB 69ms
9ms Stylesheet
text/css 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/css/style.min.css?yocs=F_J_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4828ebff78e3165481adef4c5a40bab4a6c4463ed0fa1bf4907e26a7fb210591

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Sun, 02 Apr 2023 09:12:01 GMT
date: Fri, 03 Mar 2023 10:44:30 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: HIT
age: 5391
x-yottaa-optimizations: ob/100011011 si/2511cc0285b8-1674081178-1124519284 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 139915
x-served-by: cache-hhn-etou8220046-HHN
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1677840271.823639,VS0,VE1
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31104000
x-yottaa-metrics: 2521cc0285ac/[-,-,1677834776912] 2511cc0285b8/[hit]
accept-ranges: bytes
cf-ray: 7a20c2baaafff95b-SJC
x-dw-request-base-id: fgKQ9eG5AWQBAAB_
x-cache-hits: 1

GET
H2 200 EswHooks.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/js/ 11 KB
3 KB 10ms
9ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/js/EswHooks.js?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5a8112252b50b4b89f7b39ecd63b218133284fcd7e1e5bef85baf3bc80220d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Sun, 02 Apr 2023 09:12:02 GMT
date: Fri, 03 Mar 2023 10:44:30 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: MISS
age: 5547
x-yottaa-optimizations: ob/1001 si/2611cc028373-1675284456-1871632964 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3109
x-served-by: cache-hhn-etou8220046-HHN
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1677840271.860354,VS0,VE1
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc023035/[77,76,-] 2611cc028373/[hit]
accept-ranges: bytes
cf-ray: 7a20c16f7ba62bd4-ORD
x-dw-request-base-id: yZzoneK5AWQBAAB_
x-cache-hits: 1

GET
H2 200 EswCss.css
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/css/ 9 KB
2 KB 91ms
30ms Stylesheet
text/css 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/css/EswCss.css?yocs=F_J_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a43d16995a1116f83c7704b3c1acdae8672693ae7d259a57f3634b6ad6a956b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Sun, 02 Apr 2023 09:12:01 GMT
date: Fri, 03 Mar 2023 10:44:30 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: HIT
age: 4709
x-yottaa-optimizations: ob/11000 si/2511cc028a74-1674081171-150528901 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1991
x-served-by: cache-hhn-etou8220046-HHN
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1677840271.824480,VS0,VE5
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31104000
x-yottaa-metrics: 2521cc02851a/[12,10,-] 2511cc028a74/[-,13.660]
accept-ranges: bytes
cf-ray: 7a20d5e489bb980b-SJC
x-dw-request-base-id: fgKM9eG5AWQBAAB_
x-cache-hits: 1

GET
H2 200 global.css
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/en_US/v1677834716745/css/ 30 KB
5 KB 90ms
30ms Stylesheet
text/css 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/en_US/v1677834716745/css/global.css?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef4a0a386be0745346bdbbb04735249591dcc13e2d36a444f2ff08f70b236868

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Sun, 02 Apr 2023 09:12:01 GMT
date: Fri, 03 Mar 2023 10:44:30 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: HIT
age: 4709
x-yottaa-optimizations: ob/11010 si/2511cc028a76-1674081171-948861764 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4444
x-served-by: cache-hhn-etou8220046-HHN
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1677840271.824196,VS0,VE3
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31104000
x-yottaa-metrics: 2521cc0285ab/[1,-,1677834776750] 2511cc028a76/[-,2.712]
accept-ranges: bytes
cf-ray: 7a20c2ba9902cea0-SJC
x-dw-request-base-id: mMp1_uG5AWQBAAB_
x-cache-hits: 1

GET
H2 200 script-tag.js Show response
cdn-scripts.signifyd.com/api/ 6 KB
2 KB 113ms
8ms Script
application/javascript 13.224.189.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-scripts.signifyd.com/api/script-tag.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-65.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 055ee6f4aed068617e7ef04a3338d7bf71e7768acb90de0066504bc3a2f97650

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:29:47 GMT
content-encoding: gzip
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
last-modified: Tue, 07 Feb 2023 14:59:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 884
x-amz-server-side-encryption: AES256
etag: W/"f15f2ce8cf030c988a63979d831d09f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1800
x-amz-cf-id: Pyd_YjaphqLrzg3ONgLHzKhZ5SmwuFcXUlEYa9QJ2Fn9UyzHA79xLA==

GET
H2 200 changeUp.css
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/css/ 11 KB
2 KB 85ms
25ms Stylesheet
text/css 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/css/changeUp.css?yocs=F_J_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5ebd5f45a4d70cbce2f565c7479b1052f4a2d6af748969b590fb20b35a9058d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Sun, 02 Apr 2023 09:12:03 GMT
date: Fri, 03 Mar 2023 10:44:30 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: HIT
age: 4709
x-yottaa-optimizations: ob/100011000 si/2511cc028a76-1674081171-948861768 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2144
x-served-by: cache-hhn-etou8220046-HHN
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1677840271.824190,VS0,VE2
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31104000
x-yottaa-metrics: 2521cc02850e/[17,13,-] 2511cc028a76/[-,19.495]
accept-ranges: bytes
cf-ray: 7a20d5e59ac896dd-SJC
x-dw-request-base-id: yZz7neO5AWQBAAB_
x-cache-hits: 1

GET
H2 200 changeUp.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/js/ 3 KB
1 KB 9ms
8ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/js/changeUp.js?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0232c842afa32c041223fc8ef697660bae9caeac0a4ea9d596d421cd5a7e46ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Sun, 02 Apr 2023 09:12:01 GMT
date: Fri, 03 Mar 2023 10:44:30 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: MISS
age: 5468
x-yottaa-optimizations: ob/1001 si/2611cc8d586a-1675284503-788221660 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 994
x-served-by: cache-hhn-etou8220046-HHN
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1677840271.886830,VS0,VE1
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc023038/[79,78,-] 2611cc8d586a/[hit]
accept-ranges: bytes
cf-ray: 7a20c35ffbe02d88-ORD
x-dw-request-base-id: yZylneG5AWQBAAB_
x-cache-hits: 1

GET
H2 200 6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json Show response
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/ 4 KB
2 KB 36ms
18ms XHR
application/x-javascript 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a687ab1a8045dcd662c262daace7e26921853deb833a1c692db5164604a0ee74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Mar 2023 10:44:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 3yShfoOvlLxFnNTjthG/qA==
age: 68373
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1600
x-ms-lease-status: unlocked
last-modified: Thu, 05 Jan 2023 21:54:37 GMT
server: cloudflare
etag: 0x8DAEF67705C85AE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0332d83b-501e-0089-0d50-2161c2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7a2148dd2e179c10-FRA
expires: Sat, 04 Mar 2023 10:44:30 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 474 KB
118 KB 66ms
42ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T7MZLHP

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

72c5160735731f9f054697ed9335fc818efb207ca5f2706f2ed7a59094e2d0d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:44:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120606
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Mar 2023 10:44:30 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
304 B 67ms
30ms XHR
application/json 2606:4700:4400::ac40:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:44:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7a2148dd8f8e382a-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/ 383 KB
92 KB 18ms
18ms Script
application/javascript 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Mar 2023 10:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: uPFqyxtrxGqJsyAvB7RnSg==
age: 56116
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 93482
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:45 GMT
server: cloudflare
etag: 0x8DADC66BDFA5EC7
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 06a578fc-e01e-0057-5706-22316b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7a2148dddb0d5bf5-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 88ms
20ms Script
text/javascript 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 Mar 2023 09:17:30 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5221
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 03 Mar 2023 11:17:30 GMT

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame DE56
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7c47b8bb-e11b-0720-eec5-8b2566f84002%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.elfcosmetics.com/&ex-hargs=v%3D1.0%3Bc%3D85783...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7c47b8bb-e11b-0720-eec5-8b2566f84002%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.elfcosmetics.com/&ex-hargs=v%3D1.0%3Bc%3D85783...

1 KB
2 KB

113ms
113ms

Document
text/html

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7c47b8bb-e11b-0720-eec5-8b2566f84002%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.elfcosmetics.com/&ex-hargs=v%3D1.0%3Bc%3D8578348900501%3Bp%3D7C47B8BB-E11B-0720-EEC5-8B2566F84002&cb=49939356868183850&dcc=t

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

790058d7104da64744d1f439afc947be13c7cbb25e1b51b64ffa9ef20832fa44

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 1356
Content-Type: text/html;charset=ISO-8859-1
Date: Fri, 03 Mar 2023 10:44:31 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 5VJDKXA1PB8G0D6ZZY73

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Fri, 03 Mar 2023 10:44:31 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7c47b8bb-e11b-0720-eec5-8b2566f84002%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.elfcosmetics.com/&ex-hargs=v%3D1.0%3Bc%3D8578348900501%3Bp%3D7C47B8BB-E11B-0720-EEC5-8B2566F84002&cb=49939356868183850&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 4PGNF0SJ2QZR77JB67XQ

GET
H2

200

src=9231397;dc_pre=CLL_6YrKv_0CFWsMewod_QgFxQ;type=retarget;cat=globa0;ord=1293218029334;gtm=45He3310;gcs=G100;u6=%2F;u4=False;u8=undefined;u10=undefined;u12=undefined;~oref=https%3A%2F%2Fwww.elfco...
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=9231397;type=retarget;cat=globa0;ord=1293218029334;gtm=45He3310;gcs=G100;u6=%2F;u4=False;u8=undefined;u10=undefined;u12=undefined;~oref=https%3A%2...
https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CLL_6YrKv_0CFWsMewod_QgFxQ;type=retarget;cat=globa0;ord=1293218029334;gtm=45He3310;gcs=G100;u6=%2F;u4=False;u8=undefined;u10=undefi...

42 B
107 B

56ms
55ms

Image
image/gif

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CLL_6YrKv_0CFWsMewod_QgFxQ;type=retarget;cat=globa0;ord=1293218029334;gtm=45He3310;gcs=G100;u6=%2F;u4=False;u8=undefined;u10=undefined;u12=undefined;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:31 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CLL_6YrKv_0CFWsMewod_QgFxQ;type=retarget;cat=globa0;ord=1293218029334;gtm=45He3310;gcs=G100;u6=%2F;u4=False;u8=undefined;u10=undefined;u12=undefined;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

src=10265292;dc_pre=CM6A6orKv_0CFVEMogMdrAAP4g;type=conte0;cat=homep0;ord=2166362061524;gtm=45He3310;gcs=G100;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=10265292;type=conte0;cat=homep0;ord=2166362061524;gtm=45He3310;gcs=G100;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?
https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CM6A6orKv_0CFVEMogMdrAAP4g;type=conte0;cat=homep0;ord=2166362061524;gtm=45He3310;gcs=G100;~oref=https%3A%2F%2Fwww.elfcosmetics.com...

42 B
118 B

55ms
54ms

Image
image/gif

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CM6A6orKv_0CFVEMogMdrAAP4g;type=conte0;cat=homep0;ord=2166362061524;gtm=45He3310;gcs=G100;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:31 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CM6A6orKv_0CFVEMogMdrAAP4g;type=conte0;cat=homep0;ord=2166362061524;gtm=45He3310;gcs=G100;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

src=10742279;dc_pre=COiE6orKv_0CFYy1GAody9oEDQ;type=elf8j0;cat=glo_flap;ord=2797990733248;gtm=45He3310;gcs=G100;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flap;ord=2797990733248;gtm=45He3310;gcs=G100;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;~oref=https%3A%2F%2Fwww.elfcosm...
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=COiE6orKv_0CFYy1GAody9oEDQ;type=elf8j0;cat=glo_flap;ord=2797990733248;gtm=45He3310;gcs=G100;u1=https%3A%2F%2Fwww.elfcosmetics.com%...

42 B
107 B

56ms
56ms

Image
image/gif

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=COiE6orKv_0CFYy1GAody9oEDQ;type=elf8j0;cat=glo_flap;ord=2797990733248;gtm=45He3310;gcs=G100;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:31 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=COiE6orKv_0CFYy1GAody9oEDQ;type=elf8j0;cat=glo_flap;ord=2797990733248;gtm=45He3310;gcs=G100;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

src=10742279;dc_pre=CJGG6orKv_0CFbEJewodl3UIjw;type=elf8j0;cat=glo_flhp;ord=7531159779957;gtm=45He3310;gcs=G100;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flhp;ord=7531159779957;gtm=45He3310;gcs=G100;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;~oref=https%3A%2F%2Fwww.elfcosm...
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CJGG6orKv_0CFbEJewodl3UIjw;type=elf8j0;cat=glo_flhp;ord=7531159779957;gtm=45He3310;gcs=G100;u1=https%3A%2F%2Fwww.elfcosmetics.com%...

42 B
107 B

57ms
57ms

Image
image/gif

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CJGG6orKv_0CFbEJewodl3UIjw;type=elf8j0;cat=glo_flhp;ord=7531159779957;gtm=45He3310;gcs=G100;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:31 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CJGG6orKv_0CFbEJewodl3UIjw;type=elf8j0;cat=glo_flhp;ord=7531159779957;gtm=45He3310;gcs=G100;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

cnv
cnv.event.prod.bidr.io/log/
Redirect Chain

https://pixel.pointmediatracker.com/kpi?c=elfcosmetics&kpi=visit&tag_id=244&fpc=7c569ced-2f06-4382-b136a59641848c3c&utm_source=undefined&utm_medium=undefined&utm_campaign=undefined&gtmcb=2015495548
https://cnv.event.prod.bidr.io/log/cnv?tag_id=244&buzz_key=blisspoint&value=elfcosmetics&segment_key=&order=b1c2ee1d-6030-4ca5-8d29-e130fda71d86.null&ord=6658227172862361325
https://cnv.event.prod.bidr.io/log/cnv?tag_id=244&buzz_key=blisspoint&value=elfcosmetics&segment_key=&order=b1c2ee1d-6030-4ca5-8d29-e130fda71d86.null&ord=6658227172862361325&_bee_ppp=1

43 B
796 B

186ms
186ms

Image
image/gif

52.32.82.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cnv.event.prod.bidr.io/log/cnv?tag_id=244&buzz_key=blisspoint&value=elfcosmetics&segment_key=&order=b1c2ee1d-6030-4ca5-8d29-e130fda71d86.null&ord=6658227172862361325&_bee_ppp=1

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

HTTP/1.1

Server

52.32.82.189 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-82-189.us-west-2.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:32 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cnv.event.prod.bidr.io/log/cnv?tag_id=244&buzz_key=blisspoint&value=elfcosmetics&segment_key=&order=b1c2ee1d-6030-4ca5-8d29-e130fda71d86.null&ord=6658227172862361325&_bee_ppp=1
Date: Fri, 03 Mar 2023 10:44:32 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/96dfacc1-ada2-4b34-8a7d-2680b39d017c/ 200 KB
34 KB 17ms
17ms Fetch
application/x-javascript 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/96dfacc1-ada2-4b34-8a7d-2680b39d017c/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7704375b3e9267d0f55e59bb604f42daa4e367d2e08cdf531c95f79c9a11f9b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Mar 2023 10:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: NtGqCbD3ey1LCjJpMdwNVQ==
age: 14014
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 35034
x-ms-lease-status: unlocked
last-modified: Thu, 05 Jan 2023 21:54:38 GMT
server: cloudflare
etag: 0x8DAEF67715F50CA
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: a6845459-301e-0178-39c2-45f604000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7a2148de4f919c10-FRA
expires: Sat, 04 Mar 2023 10:44:31 GMT

GET
H2 200 iab2Data.json Show response
cdn.cookielaw.org/vendorlist/ 368 KB
53 KB 19ms
19ms Fetch
application/x-javascript 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/iab2Data.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38a48aa40c4250549d94e857f51799512f160e05fe3d4bce0d1b5167ad5bcf00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Mar 2023 10:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: R6Squ91xgGq5H8o0yEfTUw==
age: 59389
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 53663
x-ms-lease-status: unlocked
last-modified: Thu, 02 Mar 2023 06:58:55 GMT
server: cloudflare
etag: 0x8DB1AEB96DC021C
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 28b0e00b-e01e-005c-0ad5-4c291f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7a2148de4f929c10-FRA

GET
H2 200 otTCF.js Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/ 68 KB
15 KB 17ms
17ms Script
application/javascript 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/otTCF.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Mar 2023 10:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jNSx0jAViofB7ggqqp6FUQ==
age: 76408
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 15011
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:44 GMT
server: cloudflare
etag: 0x8DADC66BD0C2AD7
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bdd5c82e-101e-00ca-44ea-0e4b2b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7a2148de4b905bf5-FRA

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 13 KB
3 KB 22ms
22ms Fetch
application/json 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Mar 2023 10:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: vO8A/abKpoPacUrvSk9OSw==
age: 48187
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3020
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:35 GMT
server: cloudflare
etag: 0x8DADC66B7AF38D0
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 6c44022e-f01e-008f-43fe-0e96ba000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7a2148def8989c10-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/v2/ 61 KB
12 KB 23ms
22ms Fetch
application/json 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40c8084ce459211c73bf91eaa18b6152cc5fc9e29245dcec381da35ee51334b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Mar 2023 10:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: mBGnk7IXt0USbYmXZQhmOw==
age: 47974
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12540
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:37 GMT
server: cloudflare
etag: 0x8DADC66B90C98A8
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 61113c84-a01e-009c-71ff-0ea35b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7a2148def89c9c10-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 21 KB
4 KB 20ms
20ms Fetch
text/css 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Mar 2023 10:44:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
age: 48280
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 713828ee-201e-004a-0afe-0ee881000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7a2148def8a09c10-FRA

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 21ms
20ms Image
image/gif 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70084
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame AA65 7 KB
7 KB 114ms
113ms Document
text/html 52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=psyXZztARUqkHWVnX1Wdcg&dmt=3&ex-pl-n-g-hmt=Uu2twxRrQiOCnFYYh4TqyQ&ep=ttam_T219Ay-cPciHbT10mtQxdV2-zXVOnH-S51T8zu0pBk-TgVPXjMn42fvSYa3qn7ZQaT9bH4iDANDTyEBk9M5SeIDujunAfIXUY4gkMDQtLI2G4YZt3i-bPI-mThF9_sC4t9L7QVItap9WJ7LilNoUiKidwhgMY8qBEDs4KlFAw_dDGcuh6GQ0vDGeBqJeiVUvvpukxhAXe5Hq5y05d2PV8ryE1mmMO-deNM-T-pd0sbila4NkBbLQf50V8gVwEOUHzdBhNMsEpLZEGT6cSaiIrLKkbD_UPc6KDfeOtBoA9PeKTEZNZu9XYQaXgrkgYWx73MGAiAQ61MjudPbOWe9sb8SbUDqBKZJSFT5RNIVu-gvVl-XIHU6hrBJRKnL0ReAn4szIFSurZ8eH951uO1qYJvixeoaJObw_D4PrVRMFJAnz6JeMgjeYLcaLXaLrj-Q1RpBfu07NYUhOaegGcxVqgmKTr0tpT9i1oSRZ1W0i9VB4JS2u4JgNVMYLhzJdhKUJBWSK4sOR_qGYE5tJlzZkndC9zxBeMjcN-wcmn5Gq2I1yYYSMV60genWabjseAtxwpLSgz4zDcz4PSGeMiMmJx-2hQ3zv3eFfPQA7uYyNtX8UubHPYzduSLFbXLzhqN6x6gR4zoa_5kCnFS41x4YJKQ05VkIdnEt6KlEz1OdO0HGtlw67AGVxAPk6T_aH0vTplkGjwH09vM1GNgV4w

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7c47b8bb-e11b-0720-eec5-8b2566f84002%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.elfcosmetics.com/&ex-hargs=v%3D1.0%3Bc%3D8578348900501%3Bp%3D7C47B8BB-E11B-0720-EEC5-8B2566F84002&cb=49939356868183850&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

d227b8698fe32235126f6bbdde8805dd4330a1a2f909eec1261f58c52d559c4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7c47b8bb-e11b-0720-eec5-8b2566f84002%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.elfcosmetics.com/&ex-hargs=v%3D1.0%3Bc%3D8578348900501%3Bp%3D7C47B8BB-E11B-0720-EEC5-8B2566F84002&cb=49939356868183850&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 6704
Content-Type: text/html;charset=ISO-8859-1
Date: Fri, 03 Mar 2023 10:44:31 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: PQBP67VT995P6234QCXC

GET
H2 200 api_dynamic.js Show response
cdn.dynamicyield.com/api/8772046/ 923 KB
110 KB 176ms
52ms Script
application/javascript 2600:9000:21f3:e800:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/api/8772046/api_dynamic.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:e800:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: ec650428fc453feac2ec02390ae0ab2eb0e28cfa657fac758652edf13a9befc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:44:31 GMT
content-encoding: gzip
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
last-modified: Thu, 02 Mar 2023 23:25:12 GMT
server: DYCDN
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
etag: W/"281ee04962d0ccabee38ccabf2ac1e50"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=30
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: Dkxi9EGzSCRqXIWS4qpL3li0kRtsx70RDgWZOoQFAyAQeG14bqfzUA==

GET
H2 200 api_static.js Show response
cdn.dynamicyield.com/api/8772046/ 283 KB
83 KB 142ms
19ms Script
application/javascript 2600:9000:21f3:e800:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/api/8772046/api_static.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:e800:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: 73298c5946d1119054eab2d334cc97c4ecf0e77c5a2387b7249351e101fcbe37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 16:23:06 GMT
content-encoding: gzip
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
last-modified: Tue, 21 Feb 2023 07:17:51 GMT
server: DYCDN
age: 66427
x-amz-cf-pop: FRA2-C2
etag: W/"fad92995b21ce36302f95f98d312a853"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: gl6MRWKD0MUDG77jtq45CHbehuvUuCaUquDJjW_L-s65YnP3oqPkQw==

GET
H2 200 splide.min.css
cdn.jsdelivr.net/npm/@splidejs/splide@2.4.21/dist/css/ 4 KB
1 KB 133ms
13ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@splidejs/splide@2.4.21/dist/css/splide.min.css

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

12acf0cde9105ca35b079104e27341413fb68164085916505c077cf58748abc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 03 Mar 2023 10:44:31 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 786224
x-jsd-version: 2.4.21
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1031
x-served-by: cache-fra-eddf8230098-FRA, cache-hhn-etou8220041-HHN
x-jsd-version-type: version
etag: W/"102c-M7+BfeLRxTmUwlsz98mdry3uV50"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 splide.min.js Show response
cdn.jsdelivr.net/npm/@splidejs/splide@2.4.21/dist/js/ 28 KB
11 KB 133ms
12ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@splidejs/splide@2.4.21/dist/js/splide.min.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4a609c6dfff57a1865067c376468a736ee9f8d0578ef52c3063738c8c30986c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 03 Mar 2023 10:44:31 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 7982232
x-jsd-version: 2.4.21
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10609
x-served-by: cache-fra-eddf8230056-FRA, cache-hhn-etou8220041-HHN
x-jsd-version-type: version
etag: W/"7170-eq1ZE4HBpvEGZCwKn41rAbub2NI"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gripGlow_D.jpg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwd4637fae/homepage/2023/03/ 101 KB
101 KB 19ms
19ms Image
image/jpeg 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwd4637fae/homepage/2023/03/gripGlow_D.jpg?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5da24ddb5291d2988d5eba22ab1a1662b87c35a6dd93c64293726eccf6477229

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Sat, 01 Apr 2023 10:18:21 GMT
date: Fri, 03 Mar 2023 10:44:31 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 33861
x-yottaa-optimizations: ob/101 si/2511cc02853d-1674081173-1503872076 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 103047
x-served-by: cache-hhn-etou8220046-HHN
x-yottaa-forcecache: true, true
cf-bgj: h2pri
server: cloudflare
x-timer: S1677840272.598772,VS0,VE2
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2521cc028a85/[3,-,1677806197615] 2511cc02853d/[hit]
accept-ranges: bytes
cf-ray: 7a1e08fefec3cfb8-SJC
x-dw-request-base-id: mMoNKu13AGQBAAB_
x-cache-hits: 1

GET
H2 200 goodVibesLaunch_D_1.jpg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw0e42990e/homepage/2023/01/ 303 KB
304 KB 10ms
9ms Image
image/jpeg 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw0e42990e/homepage/2023/01/goodVibesLaunch_D_1.jpg?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9db9dddd952893ef706c0883ccbc82e9685a737fb526ef107640cd881ce58a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Sat, 01 Apr 2023 00:46:48 GMT
date: Fri, 03 Mar 2023 10:44:31 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 33616
x-yottaa-optimizations: ob/101 si/33118cae0c62-1674156646-2034846199 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 310562
x-served-by: cache-hhn-etou8220046-HHN
x-yottaa-forcecache: true, true
cf-bgj: h2pri
server: cloudflare
x-timer: S1677840272.599284,VS0,VE1
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0ca7/[5,-,1677806213277] 33118cae0c62/[hit]
accept-ranges: bytes
cf-ray: 7a1e0960dda1ad13-ATL
x-dw-request-base-id: mMoT7fjx_2MBAAB_
x-cache-hits: 1

GET
H2 200 _D_good-vibes.png
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw0600eaed/homepage/2023/01/ 10 KB
10 KB 9ms
8ms Image
image/png 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw0600eaed/homepage/2023/01/_D_good-vibes.png?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1e98cfe6c9197e8395ffa94d6cc16cfae68dacd6a44392625c6d21ea71b1457

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Sat, 01 Apr 2023 13:47:51 GMT
date: Fri, 03 Mar 2023 10:44:31 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 33233
x-yottaa-optimizations: ob/100 si/33118cae0c64-1674156647-2141770268 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 9947
x-served-by: cache-hhn-etou8220046-HHN
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1677840272.598957,VS0,VE1
content-type: image/png
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c33/[2,-,1677806213261] 33118cae0c64/[-,3.088]
accept-ranges: bytes
cf-ray: 7a1e0960db990d0a-ATL
x-dw-request-base-id: fgLsDgepAGQBAAB_
x-cache-hits: 1

GET
H2 200 featherlight.min.css
cdn.jsdelivr.net/npm/featherlight@1.7.14/release/ 2 KB
877 B 117ms
14ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/featherlight@1.7.14/release/featherlight.min.css

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5073f4bda3ea4b5498e86e724999dda152b3409601495176a6ab3898fac311c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 03 Mar 2023 10:44:31 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 786232
x-jsd-version: 1.7.14
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 763
x-served-by: cache-fra-eddf8230095-FRA, cache-hhn-etou8220041-HHN
x-jsd-version-type: version
etag: W/"74c-av7JyiRTOltgFnD8cjRmSfSzGfQ"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 projectStick_teaser_D.jpg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwf610aa85/homepage/2023/02/ 69 KB
70 KB 18ms
10ms Image
image/jpeg 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwf610aa85/homepage/2023/02/projectStick_teaser_D.jpg?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6737c72549c4a9f37c6decdd5118aaca00ddcd1716d3506e530d2a6926d8bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Fri, 31 Mar 2023 11:59:49 GMT
date: Fri, 03 Mar 2023 10:44:31 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 33890
x-yottaa-optimizations: ob/101 si/33118cae0c64-1674156647-2141754292 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 71015
x-served-by: cache-hhn-etou8220046-HHN
x-yottaa-forcecache: true, true
cf-bgj: h2pri
server: cloudflare
x-timer: S1677840272.623406,VS0,VE1
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c6d/[3,-,1677806213274] 33118cae0c64/[hit]
accept-ranges: bytes
cf-ray: 7a1e0960d8011f9d-ATL
x-dw-request-base-id: mMq2DjU-_2MBAAB_
x-cache-hits: 1

GET
H2 200 projectStick-gif.gif
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw488d6742/homepage/2023/02/ 7 MB
7 MB 20ms
13ms Image
image/gif 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw488d6742/homepage/2023/02/projectStick-gif.gif?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d79259c387e0f2378ee747f26ddef86ab31acdf3e580754bae02b984c747197

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Thu, 30 Mar 2023 18:56:13 GMT
date: Fri, 03 Mar 2023 10:44:31 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 33889
x-yottaa-optimizations: ob/1 si/33118cae0c63-1674156646-1976527634 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 7177581
x-served-by: cache-hhn-etou8220046-HHN
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1677840272.623376,VS0,VE1
content-type: image/gif
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c88/[13,12,-] 33118cae0c63/[hit]
accept-ranges: bytes
cf-ray: 7a1e0d8088b5b029-ATL
x-dw-request-base-id: yZyCU01O_mMBAAB_
x-cache-hits: 0

GET
H2 200 featherlight.min.js Show response
cdn.jsdelivr.net/npm/featherlight@1.7.14/release/ 9 KB
4 KB 116ms
14ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/featherlight@1.7.14/release/featherlight.min.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9ffc6a618811ab08cd3ffd3ed154f98e67a785daa12824a44a99854f968f1993

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 03 Mar 2023 10:44:31 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 786232
x-jsd-version: 1.7.14
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3720
x-served-by: cache-fra-eddf8230101-FRA, cache-hhn-etou8220041-HHN
x-jsd-version-type: version
etag: W/"24fc-Zs0SHW/eMkQIAoKS5WaQ9j1zAr4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 _PURPLEBACKGROUND_SHIPPINGTRUCKS_D.jpg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw15182a53/homepage/2022/10/ 22 KB
22 KB 20ms
13ms Image
image/jpeg 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw15182a53/homepage/2022/10/_PURPLEBACKGROUND_SHIPPINGTRUCKS_D.jpg?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87af221020046d4592e8fe13ee1ffead5ed18e9adbd99cd0d03f5b39519908a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Tue, 21 Mar 2023 08:13:45 GMT
date: Fri, 03 Mar 2023 10:44:31 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 33822
x-yottaa-optimizations: ob/101 si/3811cc023144-1674763517-835911034 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 22555
x-served-by: cache-hhn-etou8220046-HHN
x-yottaa-forcecache: true, true
cf-bgj: h2pri
server: cloudflare
x-timer: S1677840272.623632,VS0,VE1
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc02318b/[3,-,1677806192948] 3811cc023144/[hit]
accept-ranges: bytes
cf-ray: 7a1e08e1cd9de76c-EWR
x-dw-request-base-id: mMr3iTna8WMBAAB_
x-cache-hits: 1

GET
H2 200 _BEAUTYSQUADLOGO_MOBILE.PNG
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw0049f636/homepage/2022/10/ 2 KB
2 KB 22ms
15ms Image
image/png 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw0049f636/homepage/2022/10/_BEAUTYSQUADLOGO_MOBILE.PNG?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3c21d2e499961096727a9c72b9cc68bb32f9435b819cf966a3943ad16163fa3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Sat, 01 Apr 2023 07:03:29 GMT
date: Fri, 03 Mar 2023 10:44:31 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 33208
x-yottaa-optimizations: ob/100 si/3811cc023143-1674763518-2074607316 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1820
x-served-by: cache-hhn-etou8220046-HHN
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1677840272.623363,VS0,VE2
content-type: image/png
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023192/[4,-,1677806216055] 3811cc023143/[-,6.511]
accept-ranges: bytes
cf-ray: 7a1e09722a828ce8-EWR
x-dw-request-base-id: yZzJckFKAGQBAAB_
x-cache-hits: 1

GET
H2 200 intersection-observer.min.js Show response
cdn.jsdelivr.net/npm/intersection-observer@0.5.1/ 7 KB
3 KB 116ms
15ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/intersection-observer@0.5.1/intersection-observer.min.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ad3a30e9a818e22c8f16792348125f8ef1dd28bc20c1d12e23c163c2cd5be07c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 03 Mar 2023 10:44:31 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 786231
x-jsd-version: 0.5.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2580
x-served-by: cache-fra-eddf8230071-FRA, cache-hhn-etou8220041-HHN
x-jsd-version-type: version
etag: W/"1bf9-LLg69WDFPy8EcYnHyvJtDlnbpRc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 lazyload.min.js Show response
cdn.jsdelivr.net/npm/vanilla-lazyload@12.0.0/dist/ 5 KB
3 KB 116ms
15ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vanilla-lazyload@12.0.0/dist/lazyload.min.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 03 Mar 2023 10:44:31 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 786229
x-jsd-version: 12.0.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2145
x-served-by: cache-fra-eddf8230064-FRA, cache-hhn-etou8220041-HHN
x-jsd-version-type: version
etag: W/"15d1-IxZ2QckOwVh8MMcWJc7ap/VwGh4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appstore-download.png
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw07d40bc1/homepage/2020/05/ 4 KB
5 KB 19ms
13ms Image
image/webp 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw07d40bc1/homepage/2020/05/appstore-download.png?yocs=F_J_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5fb3ebbf40563c91f4e8565aa6257ed735ca0a075f0f78b18bddda655cc8434

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Fri, 31 Mar 2023 06:12:38 GMT
date: Fri, 03 Mar 2023 10:44:31 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 34022
x-yottaa-optimizations: ob/10000000000100 si/3811cc023141-1674763518-2084216785 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4370
x-served-by: cache-hhn-etou8220046-HHN
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1677840272.623858,VS0,VE1
content-type: image/webp
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023178/[3,-,1677806211088] 3811cc023141/[-,5.044]
accept-ranges: bytes
cf-ray: 7a1e0951aeb38c39-EWR
x-dw-request-base-id: mMrmPdbs_mMBAAB_
x-cache-hits: 1

GET
H2 200 plugins.min.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/js/ 283 KB
78 KB 13ms
9ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/js/plugins.min.js?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96a3358dcb988a6b2d0d6f409533b6e242b79f248d58bb9731860246481eb585

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Sun, 02 Apr 2023 09:12:00 GMT
date: Fri, 03 Mar 2023 10:44:31 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: MISS
age: 5536
x-yottaa-optimizations: ob/1001 si/2611cc028371-1675284414-590783432 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 79878
x-served-by: cache-hhn-etou8220046-HHN
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1677840272.622214,VS0,VE2
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc023033/[128,125,-] 2611cc028371/[hit]
accept-ranges: bytes
cf-ray: 7a20c1b43ed07f6c-ORD
x-dw-request-base-id: fgJz9eC5AWQBAAB_
x-cache-hits: 1

GET
H2 200 app.min.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/js/ 545 KB
150 KB 22ms
18ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/js/app.min.js?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 852954354453a8fa24b0bda5f642431438019a2e59fea518fab1c2e3702b0089

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Sun, 02 Apr 2023 09:12:02 GMT
date: Fri, 03 Mar 2023 10:44:31 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: MISS
age: 5547
x-yottaa-optimizations: ob/1001 si/2611cc028373-1675284456-1871632965 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 153075
x-served-by: cache-hhn-etou8220046-HHN
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1677840272.623196,VS0,VE2
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc023044/[148,131,-] 2611cc028373/[hit]
accept-ranges: bytes
cf-ray: 7a20c16f8f3e6360-ORD
x-dw-request-base-id: mMqt_uK5AWQBAAB_
x-cache-hits: 1

GET
H2 200 global.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/en_US/v1677834716745/js/ 1 KB
819 B 15ms
11ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/en_US/v1677834716745/js/global.js?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd5ae643e89170860b9bca1805cb663625a9006ecfcdf8749d3ee7d498d40629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Sun, 02 Apr 2023 09:12:00 GMT
date: Fri, 03 Mar 2023 10:44:31 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: MISS
age: 5548
x-yottaa-optimizations: ob/1001 si/2611cc028372-1675284435-1012431255 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 509
x-served-by: cache-hhn-etou8220046-HHN
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1677840272.623150,VS0,VE1
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc8d587d/[86,83,-] 2611cc028372/[hit]
accept-ranges: bytes
cf-ray: 7a20c16f2f8422d3-ORD
x-dw-request-base-id: yZyOneC5AWQBAAB_
x-cache-hits: 1

GET
H2 200 rangetouch.min.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/lib/ 2 KB
1 KB 14ms
11ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/lib/rangetouch.min.js?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 020da0825330e19eef417005d005ad730b7c875200d5f16057bcd32230f30b84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Sun, 02 Apr 2023 09:12:03 GMT
date: Fri, 03 Mar 2023 10:44:31 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: MISS
age: 5548
x-yottaa-optimizations: ob/1001 si/2611cc028372-1675284435-1012431257 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1045
x-served-by: cache-hhn-etou8220046-HHN
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1677840272.623139,VS0,VE1
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc8d5879/[42,40,-] 2611cc028372/[hit]
accept-ranges: bytes
cf-ray: 7a20c16f8d2813f1-ORD
x-dw-request-base-id: mMq__uO5AWQBAAB_
x-cache-hits: 1

GET
H/1.1 200
OK main.js Show response
static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/ 244 KB
52 KB 197ms
36ms Script
text/javascript 104.117.196.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/main.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.117.196.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-117-196-56.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

45b63f0d0a7511f0d7514737e55979d4816a55983da3e4dfb6710b0f5cda1b74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Date: Fri, 03 Mar 2023 10:44:31 GMT
Last-Modified: Thu, 26 Aug 2021 21:20:49 GMT
Server: Apache
ETag: "220101-3d194-5ca7cf0e06aa4"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 53222
Expires: Fri, 03 Mar 2023 10:59:31 GMT

GET
H2 200 dwanalytics-22.2.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/internal/jscript/ 6 KB
3 KB 20ms
17ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/internal/jscript/dwanalytics-22.2.js?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9b2a97b95ecaab1920aba84b26169c23a38e0513c2d4423ab9c0102b96cb195

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Sun, 02 Apr 2023 09:12:04 GMT
date: Fri, 03 Mar 2023 10:44:31 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: HIT
age: 5546
x-yottaa-optimizations: ob/1001 si/2611cc028373-1675284456-1871632992 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2688
x-served-by: cache-hhn-etou8220046-HHN
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1677840272.623118,VS0,VE2
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028333/[14,12,-] 2611cc028373/[hit]
accept-ranges: bytes
cf-ray: 7a20c17e6e122240-ORD
x-dw-request-base-id: yZwInuS5AWQBAAB_
x-cache-hits: 1

GET
H2 200 dwac-21.7.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/internal/jscript/ 5 KB
2 KB 37ms
35ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/internal/jscript/dwac-21.7.js?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7d87091d363393cdfb559f44f41e447f70b67917b9dedb3e97c2a8d476e1ea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Sun, 02 Apr 2023 09:12:00 GMT
date: Fri, 03 Mar 2023 10:44:31 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: HIT
age: 5449
x-yottaa-optimizations: ob/1000 si/2611cc028373-1675284456-1871634166 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1919
x-served-by: cache-hhn-etou8220046-HHN
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1677840272.629956,VS0,VE4
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc023044/[317,316,-] 2611cc028373/[-,320.889]
accept-ranges: bytes
cf-ray: 7a20c3d5fe886360-ORD
x-dw-request-base-id: mMpg_uC5AWQBAAB_
x-cache-hits: 1

GET
H2 200 gretel.min.js Show response
cdn.cquotient.com/js/v2/ 65 KB
19 KB 120ms
20ms Script
application/javascript 13.227.217.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cquotient.com/js/v2/gretel.min.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.217.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-217-143.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 09997b6cba6fd1ffb6aaf43c2900c4f5d3bc291913be9105eb91e8a4a1277d71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:49:19 GMT
content-encoding: gzip
via: 1.1 fe106b75368b4a44b0461d7e712cd360.cloudfront.net (CloudFront)
last-modified: Wed, 18 Jan 2023 16:09:21 GMT
server: AmazonS3
x-amz-cf-pop: AMS54-C1
age: 3313
etag: W/"0497920c3a1175f967fd3029b4026318"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: MrBOvY0Evw3g-oC7cAAOlC5xR02qIL6EZ_D_zwlwOu6wN6Bco9nNsw==

GET
H2 200 applepay.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/internal/jscript/ 14 KB
4 KB 37ms
35ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/internal/jscript/applepay.js?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9320fb9cf32f0763c597acec29a63ffb220d538acd75e75b47e2029258c4471

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Sun, 02 Apr 2023 09:12:01 GMT
date: Fri, 03 Mar 2023 10:44:31 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: MISS
age: 5548
x-yottaa-optimizations: ob/1001 si/2611cc028373-1675284456-1871632966 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3919
x-served-by: cache-hhn-etou8220046-HHN
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1677840272.630088,VS0,VE6
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc023045/[95,93,-] 2611cc028373/[hit]
accept-ranges: bytes
cf-ray: 7a20c16f8ef9232f-ORD
x-dw-request-base-id: yZyrneG5AWQBAAB_
x-cache-hits: 1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA65
Redirect Chain

https://ib.adnxs.com/setuid/a9?entity=188&code=2jbCmiMaRa6iVkJVz7mzHg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID
https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3D2jbCmiMaRa6iVkJVz7mzHg%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=2jbCmiMaRa6iVkJVz7mzHg

43 B
479 B

98ms
98ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=2jbCmiMaRa6iVkJVz7mzHg

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=psyXZztARUqkHWVnX1Wdcg&dmt=3&ex-pl-n-g-hmt=Uu2twxRrQiOCnFYYh4TqyQ&ep=ttam_T219Ay-cPciHbT10mtQxdV2-zXVOnH-S51T8zu0pBk-TgVPXjMn42fvSYa3qn7ZQaT9bH4iDANDTyEBk9M5SeIDujunAfIXUY4gkMDQtLI2G4YZt3i-bPI-mThF9_sC4t9L7QVItap9WJ7LilNoUiKidwhgMY8qBEDs4KlFAw_dDGcuh6GQ0vDGeBqJeiVUvvpukxhAXe5Hq5y05d2PV8ryE1mmMO-deNM-T-pd0sbila4NkBbLQf50V8gVwEOUHzdBhNMsEpLZEGT6cSaiIrLKkbD_UPc6KDfeOtBoA9PeKTEZNZu9XYQaXgrkgYWx73MGAiAQ61MjudPbOWe9sb8SbUDqBKZJSFT5RNIVu-gvVl-XIHU6hrBJRKnL0ReAn4szIFSurZ8eH951uO1qYJvixeoaJObw_D4PrVRMFJAnz6JeMgjeYLcaLXaLrj-Q1RpBfu07NYUhOaegGcxVqgmKTr0tpT9i1oSRZ1W0i9VB4JS2u4JgNVMYLhzJdhKUJBWSK4sOR_qGYE5tJlzZkndC9zxBeMjcN-wcmn5Gq2I1yYYSMV60genWabjseAtxwpLSgz4zDcz4PSGeMiMmJx-2hQ3zv3eFfPQA7uYyNtX8UubHPYzduSLFbXLzhqN6x6gR4zoa_5kCnFS41x4YJKQ05VkIdnEt6KlEz1OdO0HGtlw67AGVxAPk6T_aH0vTplkGjwH09vM1GNgV4w

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: H5ME10XV1A1P4R6T1R9E
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 03 Mar 2023 10:44:31 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.10.198; 80.255.10.198; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 68629745-39c2-4bf1-8bde-85916273057f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=2jbCmiMaRa6iVkJVz7mzHg
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA65
Redirect Chain

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=4aD8_1bHSq6SxkhPRcmb3w&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DimprovedigitalHMT%26id%3D%7BPUB_USER_ID%7D
https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=4aD8_1bHSq6SxkhPRcmb3w&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DimprovedigitalHMT%26id%3D%7BPUB_USER_ID%7D
https://s.amazon-adsystem.com/ecm3?ex=improvedigitalHMT&id=86157649-c12e-4e7f-bcdd-f26e34ebafc1

43 B
479 B

105ms
105ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=improvedigitalHMT&id=86157649-c12e-4e7f-bcdd-f26e34ebafc1

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NYPFYK03MS8GB8844Q2K
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=improvedigitalHMT&id=86157649-c12e-4e7f-bcdd-f26e34ebafc1
access-control-allow-origin: *
date: Fri, 03 Mar 2023 10:44:32 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame AA65 43 B
163 B 136ms
24ms Image
image/gif 185.86.138.154
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=144&partneruserid=oUvBDsBvQZu0PVvZdBD3_A&redirurl=https://s.amazon-adsystem.com/ecm3?ex=equativHMT%26id%3D%26sspid%3DSMART_USER_ID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=psyXZztARUqkHWVnX1Wdcg&dmt=3&ex-pl-n-g-hmt=Uu2twxRrQiOCnFYYh4TqyQ&ep=ttam_T219Ay-cPciHbT10mtQxdV2-zXVOnH-S51T8zu0pBk-TgVPXjMn42fvSYa3qn7ZQaT9bH4iDANDTyEBk9M5SeIDujunAfIXUY4gkMDQtLI2G4YZt3i-bPI-mThF9_sC4t9L7QVItap9WJ7LilNoUiKidwhgMY8qBEDs4KlFAw_dDGcuh6GQ0vDGeBqJeiVUvvpukxhAXe5Hq5y05d2PV8ryE1mmMO-deNM-T-pd0sbila4NkBbLQf50V8gVwEOUHzdBhNMsEpLZEGT6cSaiIrLKkbD_UPc6KDfeOtBoA9PeKTEZNZu9XYQaXgrkgYWx73MGAiAQ61MjudPbOWe9sb8SbUDqBKZJSFT5RNIVu-gvVl-XIHU6hrBJRKnL0ReAn4szIFSurZ8eH951uO1qYJvixeoaJObw_D4PrVRMFJAnz6JeMgjeYLcaLXaLrj-Q1RpBfu07NYUhOaegGcxVqgmKTr0tpT9i1oSRZ1W0i9VB4JS2u4JgNVMYLhzJdhKUJBWSK4sOR_qGYE5tJlzZkndC9zxBeMjcN-wcmn5Gq2I1yYYSMV60genWabjseAtxwpLSgz4zDcz4PSGeMiMmJx-2hQ3zv3eFfPQA7uYyNtX8UubHPYzduSLFbXLzhqN6x6gR4zoa_5kCnFS41x4YJKQ05VkIdnEt6KlEz1OdO0HGtlw67AGVxAPk6T_aH0vTplkGjwH09vM1GNgV4w
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:44:31 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA65
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=219383204444001191910&ex=neustar.biz

43 B
479 B

275ms
97ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=219383204444001191910&ex=neustar.biz

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ERJRWBAZP2G53XY8FZNY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:32 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://s.amazon-adsystem.com/ecm3?id=219383204444001191910&ex=neustar.biz
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA65
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=OmGFJkhKRjKucIrV7StePw&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=OmGFJkhKRjKucIrV7StePw&C=1
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZAHPkJlgvj-x6IVxGHUUxwAA

43 B
479 B

208ms
98ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZAHPkJlgvj-x6IVxGHUUxwAA

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6RAQ2NREYN2BHTGEDE4X
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:32 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZAHPkJlgvj-x6IVxGHUUxwAA
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA65
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=1e449b17a35d98be596cc66be7c05ce3

43 B
479 B

225ms
97ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=1e449b17a35d98be596cc66be7c05ce3

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 693MSRXE27G2G77KNHXD
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=1e449b17a35d98be596cc66be7c05ce3
date: Fri, 03 Mar 2023 10:44:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA65
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

43 B
479 B

274ms
98ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZJ4J3XP4TXHQDH8TG7S4
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
date: Fri, 03 Mar 2023 10:44:32 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA65
Redirect Chain

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=AV1l1TWcT7exsSe1kAfclg
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=AV1l1TWcT7exsSe1kAfclg&verify=true
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=AV1l1TWcT7exsSe1kAfclg

43 B
479 B

177ms
98ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=AV1l1TWcT7exsSe1kAfclg

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: XC91KSCYX2D20GPRCWZ0
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=AV1l1TWcT7exsSe1kAfclg
date: Fri, 03 Mar 2023 10:44:32 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA65
Redirect Chain

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=392b8d9e-7e27-4a24-b6d6-2304ed20cd6d

43 B
479 B

151ms
97ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=392b8d9e-7e27-4a24-b6d6-2304ed20cd6d

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: WE2QJX81X3BXEZ3589RR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
Location: https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=392b8d9e-7e27-4a24-b6d6-2304ed20cd6d
Date: Fri, 03 Mar 2023 10:44:31 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
amazon.partners.tremorhub.com/ Frame AA65 43 B
183 B 338ms
92ms Image
image/gif 2600:1f18:612b:4280:e48f:9156:f9ea:12b8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=psyXZztARUqkHWVnX1Wdcg&dmt=3&ex-pl-n-g-hmt=Uu2twxRrQiOCnFYYh4TqyQ&ep=ttam_T219Ay-cPciHbT10mtQxdV2-zXVOnH-S51T8zu0pBk-TgVPXjMn42fvSYa3qn7ZQaT9bH4iDANDTyEBk9M5SeIDujunAfIXUY4gkMDQtLI2G4YZt3i-bPI-mThF9_sC4t9L7QVItap9WJ7LilNoUiKidwhgMY8qBEDs4KlFAw_dDGcuh6GQ0vDGeBqJeiVUvvpukxhAXe5Hq5y05d2PV8ryE1mmMO-deNM-T-pd0sbila4NkBbLQf50V8gVwEOUHzdBhNMsEpLZEGT6cSaiIrLKkbD_UPc6KDfeOtBoA9PeKTEZNZu9XYQaXgrkgYWx73MGAiAQ61MjudPbOWe9sb8SbUDqBKZJSFT5RNIVu-gvVl-XIHU6hrBJRKnL0ReAn4szIFSurZ8eH951uO1qYJvixeoaJObw_D4PrVRMFJAnz6JeMgjeYLcaLXaLrj-Q1RpBfu07NYUhOaegGcxVqgmKTr0tpT9i1oSRZ1W0i9VB4JS2u4JgNVMYLhzJdhKUJBWSK4sOR_qGYE5tJlzZkndC9zxBeMjcN-wcmn5Gq2I1yYYSMV60genWabjseAtxwpLSgz4zDcz4PSGeMiMmJx-2hQ3zv3eFfPQA7uYyNtX8UubHPYzduSLFbXLzhqN6x6gR4zoa_5kCnFS41x4YJKQ05VkIdnEt6KlEz1OdO0HGtlw67AGVxAPk6T_aH0vTplkGjwH09vM1GNgV4w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4280:e48f:9156:f9ea:12b8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Fri, 03 Mar 2023 10:44:32 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame AA65 0
123 B 102ms
19ms Image
text/plain 188.65.124.66
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1868&dspUserId=Itqo7uiUROKpF6cd0oThWA&redir=https://s.amazon-adsystem.com/ecm3?ex=dailymotionHMT2&id=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.65.124.66 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

ingress-03-pub-prod-ix7.vip.dailymotion.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-dm-lb-name: ingress-nginx-nginx-in-cluster-cjjv4
date: Fri, 03 Mar 2023 10:44:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA65
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini
https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini
https://s.amazon-adsystem.com/ecm3?id=y-cbKSf6VE2pF4eSfk54NCCKItGTSz5GuVL1kj~A&status=OK&ex=gemini

43 B
479 B

98ms
98ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=y-cbKSf6VE2pF4eSfk54NCCKItGTSz5GuVL1kj~A&status=OK&ex=gemini

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MEG1C0K5DF7ASDRVMA4N
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=y-cbKSf6VE2pF4eSfk54NCCKItGTSz5GuVL1kj~A&status=OK&ex=gemini
date: Fri, 03 Mar 2023 10:44:32 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA65
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=7b95ce6971fe48bebabdd4e7eba8d1a&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

43 B
479 B

100ms
100ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=7b95ce6971fe48bebabdd4e7eba8d1a&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 7S7KKK66G4SPA9Y8G2VS
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:32 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=7b95ce6971fe48bebabdd4e7eba8d1a&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1677840272210032-510
Expires: Fri, 03 Mar 2023 10:44:32 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA65
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
479 B

95ms
95ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 8Z2GZ0JE9NB2YKSG71WJ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 03 Mar 2023 10:44:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
content-security-policy-report-only: default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=GMP3XRE7DFC0SVV0MYW7:sn=www.imdb.com
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
server: Server
x-amz-rid: GMP3XRE7DFC0SVV0MYW7
x-frame-options: SAMEORIGIN
vary: Content-Type,Accept-Encoding,User-Agent
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
x-robots-tag: noindex, nofollow
x-amz-cf-id: 9mTtc0YaPyIkyu4yA99fNWThvp1-pcdDTGYTsu0OYelZ3PBNGla7mA==

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame AA65 0
338 B 616ms
177ms Image
text/plain 44.230.85.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=amzn&partner_uid=psyXZztARUqkHWVnX1Wdcg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dkrux.com%26id%3D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=psyXZztARUqkHWVnX1Wdcg&dmt=3&ex-pl-n-g-hmt=Uu2twxRrQiOCnFYYh4TqyQ&ep=ttam_T219Ay-cPciHbT10mtQxdV2-zXVOnH-S51T8zu0pBk-TgVPXjMn42fvSYa3qn7ZQaT9bH4iDANDTyEBk9M5SeIDujunAfIXUY4gkMDQtLI2G4YZt3i-bPI-mThF9_sC4t9L7QVItap9WJ7LilNoUiKidwhgMY8qBEDs4KlFAw_dDGcuh6GQ0vDGeBqJeiVUvvpukxhAXe5Hq5y05d2PV8ryE1mmMO-deNM-T-pd0sbila4NkBbLQf50V8gVwEOUHzdBhNMsEpLZEGT6cSaiIrLKkbD_UPc6KDfeOtBoA9PeKTEZNZu9XYQaXgrkgYWx73MGAiAQ61MjudPbOWe9sb8SbUDqBKZJSFT5RNIVu-gvVl-XIHU6hrBJRKnL0ReAn4szIFSurZ8eH951uO1qYJvixeoaJObw_D4PrVRMFJAnz6JeMgjeYLcaLXaLrj-Q1RpBfu07NYUhOaegGcxVqgmKTr0tpT9i1oSRZ1W0i9VB4JS2u4JgNVMYLhzJdhKUJBWSK4sOR_qGYE5tJlzZkndC9zxBeMjcN-wcmn5Gq2I1yYYSMV60genWabjseAtxwpLSgz4zDcz4PSGeMiMmJx-2hQ3zv3eFfPQA7uYyNtX8UubHPYzduSLFbXLzhqN6x6gR4zoa_5kCnFS41x4YJKQ05VkIdnEt6KlEz1OdO0HGtlw67AGVxAPk6T_aH0vTplkGjwH09vM1GNgV4w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.230.85.187 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-230-85-187.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-served-by: beacon-n016-pdx-prod.krxd.net
date: Fri, 03 Mar 2023 10:44:32 GMT
cache-control: private, no-cache, no-store
x-request-time: D=42 t=1677840272
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA65
Redirect Chain

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
https://s.amazon-adsystem.com/ecm3?id=86157649-c12e-4e7f-bcdd-f26e34ebafc1&ex=improvedigital.com

43 B
479 B

104ms
104ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=86157649-c12e-4e7f-bcdd-f26e34ebafc1&ex=improvedigital.com

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 9GQQBQQ998QBF96B02CR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=86157649-c12e-4e7f-bcdd-f26e34ebafc1&ex=improvedigital.com
access-control-allow-origin: *
date: Fri, 03 Mar 2023 10:44:32 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 pixel.gif
usersync.samplicio.us/amazon/ Frame AA65 0
186 B 284ms
93ms Image
text/plain 3.228.92.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=psyXZztARUqkHWVnX1Wdcg&dmt=3&ex-pl-n-g-hmt=Uu2twxRrQiOCnFYYh4TqyQ&ep=ttam_T219Ay-cPciHbT10mtQxdV2-zXVOnH-S51T8zu0pBk-TgVPXjMn42fvSYa3qn7ZQaT9bH4iDANDTyEBk9M5SeIDujunAfIXUY4gkMDQtLI2G4YZt3i-bPI-mThF9_sC4t9L7QVItap9WJ7LilNoUiKidwhgMY8qBEDs4KlFAw_dDGcuh6GQ0vDGeBqJeiVUvvpukxhAXe5Hq5y05d2PV8ryE1mmMO-deNM-T-pd0sbila4NkBbLQf50V8gVwEOUHzdBhNMsEpLZEGT6cSaiIrLKkbD_UPc6KDfeOtBoA9PeKTEZNZu9XYQaXgrkgYWx73MGAiAQ61MjudPbOWe9sb8SbUDqBKZJSFT5RNIVu-gvVl-XIHU6hrBJRKnL0ReAn4szIFSurZ8eH951uO1qYJvixeoaJObw_D4PrVRMFJAnz6JeMgjeYLcaLXaLrj-Q1RpBfu07NYUhOaegGcxVqgmKTr0tpT9i1oSRZ1W0i9VB4JS2u4JgNVMYLhzJdhKUJBWSK4sOR_qGYE5tJlzZkndC9zxBeMjcN-wcmn5Gq2I1yYYSMV60genWabjseAtxwpLSgz4zDcz4PSGeMiMmJx-2hQ3zv3eFfPQA7uYyNtX8UubHPYzduSLFbXLzhqN6x6gR4zoa_5kCnFS41x4YJKQ05VkIdnEt6KlEz1OdO0HGtlw67AGVxAPk6T_aH0vTplkGjwH09vM1GNgV4w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.92.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-92-231.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:32 GMT
x-ratelimit-remaining: 0
location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
cache-control: no-cache, no-store, must-revalidate
x-ratelimit-reset: 0
x-ratelimit-limit: 0
content-length: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA65
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10d6fe52703de2bd9

43 B
479 B

119ms
118ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10d6fe52703de2bd9

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:33 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CDMAVSDMZHB3M70ERH5Y
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 03 Mar 2023 10:44:32 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10d6fe52703de2bd9
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
critical-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-headers: Content-Type, Authorization
content-length: 94

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA65
Redirect Chain

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=-R3PeQ4TRRW7NUngykSyXw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-R3PeQ4TRRW7NUngykSyXw

43 B
479 B

100ms
100ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-R3PeQ4TRRW7NUngykSyXw

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 8MT63PS739WGX6258FXH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-R3PeQ4TRRW7NUngykSyXw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA65
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=y1vjxFVbScmNWdoFyviJdQ&redirectId=2545
https://s.amazon-adsystem.com/ecm3?id=7b95ce6971fe48bebabdd4e7eba8d1a&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=y1vjxFVbScmNWdoFyviJdQ

43 B
479 B

99ms
99ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=7b95ce6971fe48bebabdd4e7eba8d1a&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=y1vjxFVbScmNWdoFyviJdQ

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: XP4BG5QC08Z487FVAXN3
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:32 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=7b95ce6971fe48bebabdd4e7eba8d1a&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=y1vjxFVbScmNWdoFyviJdQ
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1677840272319083-553
Expires: Fri, 03 Mar 2023 10:44:32 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA65
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=cY6KKA_AQfmzUDFXTMRZSw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=cY6KKA_AQfmzUDFXTMRZSw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=39386112616114618361621203515606872314

43 B
479 B

102ms
102ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=39386112616114618361621203515606872314

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: WW0VQR8E4W0HJGV2A6M5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-1-v046-0decf6b17.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: fu6JMMbIQfc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=39386112616114618361621203515606872314
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 v2
odr.mookie1.com/t/ Frame AA65 42 B
213 B 72ms
19ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=HuVzSHMGTNqRkeK0q-HJiQ
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=psyXZztARUqkHWVnX1Wdcg&dmt=3&ex-pl-n-g-hmt=Uu2twxRrQiOCnFYYh4TqyQ&ep=ttam_T219Ay-cPciHbT10mtQxdV2-zXVOnH-S51T8zu0pBk-TgVPXjMn42fvSYa3qn7ZQaT9bH4iDANDTyEBk9M5SeIDujunAfIXUY4gkMDQtLI2G4YZt3i-bPI-mThF9_sC4t9L7QVItap9WJ7LilNoUiKidwhgMY8qBEDs4KlFAw_dDGcuh6GQ0vDGeBqJeiVUvvpukxhAXe5Hq5y05d2PV8ryE1mmMO-deNM-T-pd0sbila4NkBbLQf50V8gVwEOUHzdBhNMsEpLZEGT6cSaiIrLKkbD_UPc6KDfeOtBoA9PeKTEZNZu9XYQaXgrkgYWx73MGAiAQ61MjudPbOWe9sb8SbUDqBKZJSFT5RNIVu-gvVl-XIHU6hrBJRKnL0ReAn4szIFSurZ8eH951uO1qYJvixeoaJObw_D4PrVRMFJAnz6JeMgjeYLcaLXaLrj-Q1RpBfu07NYUhOaegGcxVqgmKTr0tpT9i1oSRZ1W0i9VB4JS2u4JgNVMYLhzJdhKUJBWSK4sOR_qGYE5tJlzZkndC9zxBeMjcN-wcmn5Gq2I1yYYSMV60genWabjseAtxwpLSgz4zDcz4PSGeMiMmJx-2hQ3zv3eFfPQA7uYyNtX8UubHPYzduSLFbXLzhqN6x6gR4zoa_5kCnFS41x4YJKQ05VkIdnEt6KlEz1OdO0HGtlw67AGVxAPk6T_aH0vTplkGjwH09vM1GNgV4w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:44:32 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA65
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6231478361057314790

43 B
479 B

97ms
96ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6231478361057314790

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6MSEASEPBRNMVNHWE7ET
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6231478361057314790
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA65
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=61e3d734-b9b0-11ed-8703-18c6427b0306
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=61e3d6e5-b9b0-11ed-8703-18c6427b0306

43 B
479 B

103ms
102ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=61e3d6e5-b9b0-11ed-8703-18c6427b0306

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: XB8VMRJRVJJ10CYKP3HW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 03 Mar 2023 10:44:32 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=61e3d6e5-b9b0-11ed-8703-18c6427b0306
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 40
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA65
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22eedf7fae-0e0d-4827-8b14-16947f3ff00c%22,%22Time%22:%2220230303T104432.670605%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=eedf7fae-0e0d-4827-8b14-16947f3ff00c

43 B
479 B

194ms
194ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=eedf7fae-0e0d-4827-8b14-16947f3ff00c

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JA74MKJ222P9TRWYKHTQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=eedf7fae-0e0d-4827-8b14-16947f3ff00c
Server: LogModule 0.6
Content-Length: 204
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA65
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm=&ex=doubleclick.net&google_tc=
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEPqoQILUi95Mgc3cNl9P0AI&google_cver=1

43 B
479 B

98ms
98ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEPqoQILUi95Mgc3cNl9P0AI&google_cver=1

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FK8W4QJ80QPEYYN385FY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEPqoQILUi95Mgc3cNl9P0AI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 400 v2
usermatch.krxd.net/um/ Frame AA65 20 B
20 B 338ms
91ms Image
text/plain 3.208.153.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usermatch.krxd.net/um/v2?partner=amzn
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=psyXZztARUqkHWVnX1Wdcg&dmt=3&ex-pl-n-g-hmt=Uu2twxRrQiOCnFYYh4TqyQ&ep=ttam_T219Ay-cPciHbT10mtQxdV2-zXVOnH-S51T8zu0pBk-TgVPXjMn42fvSYa3qn7ZQaT9bH4iDANDTyEBk9M5SeIDujunAfIXUY4gkMDQtLI2G4YZt3i-bPI-mThF9_sC4t9L7QVItap9WJ7LilNoUiKidwhgMY8qBEDs4KlFAw_dDGcuh6GQ0vDGeBqJeiVUvvpukxhAXe5Hq5y05d2PV8ryE1mmMO-deNM-T-pd0sbila4NkBbLQf50V8gVwEOUHzdBhNMsEpLZEGT6cSaiIrLKkbD_UPc6KDfeOtBoA9PeKTEZNZu9XYQaXgrkgYWx73MGAiAQ61MjudPbOWe9sb8SbUDqBKZJSFT5RNIVu-gvVl-XIHU6hrBJRKnL0ReAn4szIFSurZ8eH951uO1qYJvixeoaJObw_D4PrVRMFJAnz6JeMgjeYLcaLXaLrj-Q1RpBfu07NYUhOaegGcxVqgmKTr0tpT9i1oSRZ1W0i9VB4JS2u4JgNVMYLhzJdhKUJBWSK4sOR_qGYE5tJlzZkndC9zxBeMjcN-wcmn5Gq2I1yYYSMV60genWabjseAtxwpLSgz4zDcz4PSGeMiMmJx-2hQ3zv3eFfPQA7uYyNtX8UubHPYzduSLFbXLzhqN6x6gR4zoa_5kCnFS41x4YJKQ05VkIdnEt6KlEz1OdO0HGtlw67AGVxAPk6T_aH0vTplkGjwH09vM1GNgV4w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.208.153.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-153-42.compute-1.amazonaws.com
Software: /
Resource Hash: 3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-served-by: usermatch-a007-ash-prod.krxd.net
date: Fri, 03 Mar 2023 10:44:32 GMT
content-type: text/plain; charset=utf-8
x-age: 0
content-length: 20
x-cache: MISS
x-cache-hits: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA65
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=9b5cef6960e5d20257e989f3ab7c8f19

43 B
479 B

102ms
102ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=9b5cef6960e5d20257e989f3ab7c8f19

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: G13X4D91RV7NGDQ3KRJC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=9b5cef6960e5d20257e989f3ab7c8f19
date: Fri, 03 Mar 2023 10:44:32 GMT
via: 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
content-length: 0
x-amz-cf-id: tvQouvG4ZOE6oS8LKbHdLxzaqdJ1Qqx02hYv1ibsc-qDNbYO3OI7EQ==
x-cache: Miss from cloudfront

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame AA65 43 B
304 B 75ms
18ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=psyXZztARUqkHWVnX1Wdcg&dmt=3&ex-pl-n-g-hmt=Uu2twxRrQiOCnFYYh4TqyQ&ep=ttam_T219Ay-cPciHbT10mtQxdV2-zXVOnH-S51T8zu0pBk-TgVPXjMn42fvSYa3qn7ZQaT9bH4iDANDTyEBk9M5SeIDujunAfIXUY4gkMDQtLI2G4YZt3i-bPI-mThF9_sC4t9L7QVItap9WJ7LilNoUiKidwhgMY8qBEDs4KlFAw_dDGcuh6GQ0vDGeBqJeiVUvvpukxhAXe5Hq5y05d2PV8ryE1mmMO-deNM-T-pd0sbila4NkBbLQf50V8gVwEOUHzdBhNMsEpLZEGT6cSaiIrLKkbD_UPc6KDfeOtBoA9PeKTEZNZu9XYQaXgrkgYWx73MGAiAQ61MjudPbOWe9sb8SbUDqBKZJSFT5RNIVu-gvVl-XIHU6hrBJRKnL0ReAn4szIFSurZ8eH951uO1qYJvixeoaJObw_D4PrVRMFJAnz6JeMgjeYLcaLXaLrj-Q1RpBfu07NYUhOaegGcxVqgmKTr0tpT9i1oSRZ1W0i9VB4JS2u4JgNVMYLhzJdhKUJBWSK4sOR_qGYE5tJlzZkndC9zxBeMjcN-wcmn5Gq2I1yYYSMV60genWabjseAtxwpLSgz4zDcz4PSGeMiMmJx-2hQ3zv3eFfPQA7uYyNtX8UubHPYzduSLFbXLzhqN6x6gR4zoa_5kCnFS41x4YJKQ05VkIdnEt6KlEz1OdO0HGtlw67AGVxAPk6T_aH0vTplkGjwH09vM1GNgV4w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:32 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA65
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://s.amazon-adsystem.com/ecm3?ex=index&id=LVP4oMlU9EeBusZFYRB68jc4dAI4ZgAC

43 B
479 B

103ms
103ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=LVP4oMlU9EeBusZFYRB68jc4dAI4ZgAC

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MYQZH7JM3ABEMTJCBWMX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:32 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=index&id=LVP4oMlU9EeBusZFYRB68jc4dAI4ZgAC
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 200 xuid
eb2.3lift.com/ Frame AA65 37 B
140 B 70ms
11ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=8341&xuid=Uhgy0GLFT1K2q5KzO870oA&dongle=az46&rdir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DtripleliftHMT%26id%3D%24UID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=psyXZztARUqkHWVnX1Wdcg&dmt=3&ex-pl-n-g-hmt=Uu2twxRrQiOCnFYYh4TqyQ&ep=ttam_T219Ay-cPciHbT10mtQxdV2-zXVOnH-S51T8zu0pBk-TgVPXjMn42fvSYa3qn7ZQaT9bH4iDANDTyEBk9M5SeIDujunAfIXUY4gkMDQtLI2G4YZt3i-bPI-mThF9_sC4t9L7QVItap9WJ7LilNoUiKidwhgMY8qBEDs4KlFAw_dDGcuh6GQ0vDGeBqJeiVUvvpukxhAXe5Hq5y05d2PV8ryE1mmMO-deNM-T-pd0sbila4NkBbLQf50V8gVwEOUHzdBhNMsEpLZEGT6cSaiIrLKkbD_UPc6KDfeOtBoA9PeKTEZNZu9XYQaXgrkgYWx73MGAiAQ61MjudPbOWe9sb8SbUDqBKZJSFT5RNIVu-gvVl-XIHU6hrBJRKnL0ReAn4szIFSurZ8eH951uO1qYJvixeoaJObw_D4PrVRMFJAnz6JeMgjeYLcaLXaLrj-Q1RpBfu07NYUhOaegGcxVqgmKTr0tpT9i1oSRZ1W0i9VB4JS2u4JgNVMYLhzJdhKUJBWSK4sOR_qGYE5tJlzZkndC9zxBeMjcN-wcmn5Gq2I1yYYSMV60genWabjseAtxwpLSgz4zDcz4PSGeMiMmJx-2hQ3zv3eFfPQA7uYyNtX8UubHPYzduSLFbXLzhqN6x6gR4zoa_5kCnFS41x4YJKQ05VkIdnEt6KlEz1OdO0HGtlw67AGVxAPk6T_aH0vTplkGjwH09vM1GNgV4w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:44:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA65
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=8B022BE7DBD91FB4

43 B
479 B

104ms
104ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=8B022BE7DBD91FB4

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:33 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PTA5HTQXJM5XXMA2KEN1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:37 GMT
frontend-id: 8
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=8B022BE7DBD91FB4
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA65
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://s.amazon-adsystem.com/ecm3?id=5530005640573688319&ex=appnexus.com

43 B
479 B

103ms
103ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=5530005640573688319&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 094YKVFH1YJBRHD217YX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 03 Mar 2023 10:44:32 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.10.198; 80.255.10.198; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 8182a104-faef-4c8b-9e47-681cf57539a3
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=5530005640573688319&ex=appnexus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA65
Redirect Chain

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=pab5FX8aR_-qMpxW0E6pqA&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%...
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=pab5FX8aR_-qMpxW0E6pqA

43 B
479 B

103ms
103ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=pab5FX8aR_-qMpxW0E6pqA

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:33 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SKVRY8XM13XVSADDQ7AM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=pab5FX8aR_-qMpxW0E6pqA
date: Fri, 03 Mar 2023 10:44:32 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA65
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=wmJa94StpXxSBcLP7dgYGsWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

43 B
479 B

105ms
104ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=wmJa94StpXxSBcLP7dgYGsWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:33 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QS9WH7N32705AVXWHDZG
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=wmJa94StpXxSBcLP7dgYGsWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA65
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=Uu2twxRrQiOCnFYYh4TqyQ&
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
479 B

95ms
95ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1P2V813G067EQZ1JNWDD
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
loadus.exelator.com/load/ Frame AA65 0
324 B 390ms
8ms Image
text/plain 18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=psyXZztARUqkHWVnX1Wdcg&dmt=3&ex-pl-n-g-hmt=Uu2twxRrQiOCnFYYh4TqyQ&ep=ttam_T219Ay-cPciHbT10mtQxdV2-zXVOnH-S51T8zu0pBk-TgVPXjMn42fvSYa3qn7ZQaT9bH4iDANDTyEBk9M5SeIDujunAfIXUY4gkMDQtLI2G4YZt3i-bPI-mThF9_sC4t9L7QVItap9WJ7LilNoUiKidwhgMY8qBEDs4KlFAw_dDGcuh6GQ0vDGeBqJeiVUvvpukxhAXe5Hq5y05d2PV8ryE1mmMO-deNM-T-pd0sbila4NkBbLQf50V8gVwEOUHzdBhNMsEpLZEGT6cSaiIrLKkbD_UPc6KDfeOtBoA9PeKTEZNZu9XYQaXgrkgYWx73MGAiAQ61MjudPbOWe9sb8SbUDqBKZJSFT5RNIVu-gvVl-XIHU6hrBJRKnL0ReAn4szIFSurZ8eH951uO1qYJvixeoaJObw_D4PrVRMFJAnz6JeMgjeYLcaLXaLrj-Q1RpBfu07NYUhOaegGcxVqgmKTr0tpT9i1oSRZ1W0i9VB4JS2u4JgNVMYLhzJdhKUJBWSK4sOR_qGYE5tJlzZkndC9zxBeMjcN-wcmn5Gq2I1yYYSMV60genWabjseAtxwpLSgz4zDcz4PSGeMiMmJx-2hQ3zv3eFfPQA7uYyNtX8UubHPYzduSLFbXLzhqN6x6gR4zoa_5kCnFS41x4YJKQ05VkIdnEt6KlEz1OdO0HGtlw67AGVxAPk6T_aH0vTplkGjwH09vM1GNgV4w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:44:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA65
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=EF4E4F2D91CF0164B40C75A9028F08E4

43 B
479 B

105ms
105ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=EF4E4F2D91CF0164B40C75A9028F08E4

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:33 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CXT7M4PJMAC9P6HZDM9J
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 03 Mar 2023 10:44:33 GMT
Server: openresty/1.15.8.2
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=EF4E4F2D91CF0164B40C75A9028F08E4
Access-Control-Allow-Origin: https://www.homedepot.com
Access-Control-Expose-Headers: User-NDAT
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
P3P: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Connection: keep-alive
Content-Length: 151
Expires: Fri, 03 Mar 2023 10:44:32 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA65
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=d77d55460610b5b377fb0086c323e69208209ef253afc5e511cd7abbfa397848

43 B
479 B

118ms
118ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=d77d55460610b5b377fb0086c323e69208209ef253afc5e511cd7abbfa397848

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:33 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZJSK3K6SPDYNS71TJX5B
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:33 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=d77d55460610b5b377fb0086c323e69208209ef253afc5e511cd7abbfa397848
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA65
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=990A6B09-22F9-46CC-9FAB-AE3FD9C5A3A8

43 B
479 B

100ms
100ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=990A6B09-22F9-46CC-9FAB-AE3FD9C5A3A8

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:33 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 733QM905XHAA7T5D473H
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=990A6B09-22F9-46CC-9FAB-AE3FD9C5A3A8
date: Fri, 03 Mar 2023 10:44:31 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 204 sd
us-u.openx.net/w/1.0/ Frame AA65 0
48 B 16ms
16ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072986&val=UdOVWJAwReGV46KDehIPFw&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DopenxHMT%26id%3D%7BOPENX_RTB_USERID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=psyXZztARUqkHWVnX1Wdcg&dmt=3&ex-pl-n-g-hmt=Uu2twxRrQiOCnFYYh4TqyQ&ep=ttam_T219Ay-cPciHbT10mtQxdV2-zXVOnH-S51T8zu0pBk-TgVPXjMn42fvSYa3qn7ZQaT9bH4iDANDTyEBk9M5SeIDujunAfIXUY4gkMDQtLI2G4YZt3i-bPI-mThF9_sC4t9L7QVItap9WJ7LilNoUiKidwhgMY8qBEDs4KlFAw_dDGcuh6GQ0vDGeBqJeiVUvvpukxhAXe5Hq5y05d2PV8ryE1mmMO-deNM-T-pd0sbila4NkBbLQf50V8gVwEOUHzdBhNMsEpLZEGT6cSaiIrLKkbD_UPc6KDfeOtBoA9PeKTEZNZu9XYQaXgrkgYWx73MGAiAQ61MjudPbOWe9sb8SbUDqBKZJSFT5RNIVu-gvVl-XIHU6hrBJRKnL0ReAn4szIFSurZ8eH951uO1qYJvixeoaJObw_D4PrVRMFJAnz6JeMgjeYLcaLXaLrj-Q1RpBfu07NYUhOaegGcxVqgmKTr0tpT9i1oSRZ1W0i9VB4JS2u4JgNVMYLhzJdhKUJBWSK4sOR_qGYE5tJlzZkndC9zxBeMjcN-wcmn5Gq2I1yYYSMV60genWabjseAtxwpLSgz4zDcz4PSGeMiMmJx-2hQ3zv3eFfPQA7uYyNtX8UubHPYzduSLFbXLzhqN6x6gR4zoa_5kCnFS41x4YJKQ05VkIdnEt6KlEz1OdO0HGtlw67AGVxAPk6T_aH0vTplkGjwH09vM1GNgV4w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:44:32 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Accept
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA65
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=254509e6-c452-4ff3-87c6-f998332548c1-tuctafb5511

43 B
479 B

97ms
97ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=254509e6-c452-4ff3-87c6-f998332548c1-tuctafb5511

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:33 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1QAYHZWMZCA8FD3DESJD
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=254509e6-c452-4ff3-87c6-f998332548c1-tuctafb5511
date: Fri, 03 Mar 2023 10:44:33 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14806

GET
H2 200 st Show response
st.dynamicyield.com/ 115 KB
10 KB 200ms
109ms Script
text/javascript 2600:9000:2204:fe00:15:ad21:c740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.dynamicyield.com/st?sec=8772046&inHead=true&id=0&jsession=5uumybfrq8u9gf4jg3sm6xmofhq4bccl&ref=&scriptVersion=1.158.0&isSesNew=true&dyid_server=&ctx=%7B%22type%22%3A%22HOMEPAGE%22%2C%22lng%22%3A%22en_US%22%2C%22data%22%3A%5B%5D%7D
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2204:fe00:15:ad21:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 90e61cbd46c110174d83659465c52940a4e2721c7d30dbeb90ebda310466d3f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:44:32 GMT
content-encoding: gzip
via: 1.1 ec354e6d520d6c5c48f3933476169122.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: no-cache
x-amz-cf-id: Hlqgq5gegsf1baFGqlapOAjS_M9VgjeFiZySkdz7LFzrs1O3b6ODdw==
expires: Fri, 03 Mar 2023 10:44:31 GMT

GET
H2 200 back-to-top.svg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/images/svg-icons/ 280 B
506 B 16ms
15ms Image
image/svg+xml 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/images/svg-icons/back-to-top.svg?yocs=F_I_
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/css/style.min.css?yocs=F_J_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c74f254c6706f1b11f2d701bbc57dad1913884b1e64020bb1971368784840d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/css/style.min.css?yocs=F_J_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Sun, 02 Apr 2023 09:12:09 GMT
date: Fri, 03 Mar 2023 10:44:31 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: HIT
age: 5420
x-yottaa-optimizations: ob/1000 si/2611cc028372-1675284435-1012432740 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 214
x-served-by: cache-hhn-etou8220046-HHN
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1677840272.901589,VS0,VE1
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc8d586f/[15,12,-] 2611cc028372/[-,17.765]
accept-ranges: bytes
cf-ray: 7a20c492bc0ee273-ORD
x-dw-request-base-id: fgJx9um5AWQBAAB_
x-cache-hits: 1

GET
H2 200 feedback.svg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/images/svg-icons/ 281 B
487 B 17ms
16ms Image
image/svg+xml 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/images/svg-icons/feedback.svg?yocs=F_I_
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/css/style.min.css?yocs=F_J_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6176ab5474618b01560e91abd7c354b6116cf9de79963c6c9860e89a2459f7cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/css/style.min.css?yocs=F_J_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Sun, 02 Apr 2023 09:12:05 GMT
date: Fri, 03 Mar 2023 10:44:31 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: MISS
age: 5321
x-yottaa-optimizations: ob/1001 si/2511cc028a76-1674081171-948854866 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 219
x-served-by: cache-hhn-etou8220046-HHN
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1677840272.901841,VS0,VE1
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 2521cc02852d/[264,262,-] 2511cc028a76/[hit]
accept-ranges: bytes
cf-ray: 7a20c6fc6e4bfa86-SJC
x-dw-request-base-id: fgIA9uW5AWQBAAB_
x-cache-hits: 1

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 30 KB
30 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 282941064f69458a172fd4afde71d175e6052eef6a63affe4c2bd3e924a26712

Request headers

Referer
Origin: https://www.elfcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ 24 KB
24 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3cf5ecbc6fdf0be77cf51c616aab7400551c43efeff3ada55df9a2ae34873ca6

Request headers

Referer
Origin: https://www.elfcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 32F818_11_0.woff2
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwa897774b/fonts/ 12 KB
13 KB 12ms
11ms Font
font/woff2 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwa897774b/fonts/32F818_11_0.woff2?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08200626ba06885c7a9e4ff3c6ccb778055d293690b5004d3d2862e779d7e9fb

Request headers

Referer: https://www.elfcosmetics.com/
Origin: https://www.elfcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Fri, 31 Mar 2023 11:44:55 GMT
date: Fri, 03 Mar 2023 10:44:32 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 34059
x-yottaa-optimizations: ob/1 si/33118cae0c64-1674156647-2141751760 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 12570
x-served-by: cache-hhn-etou8220034-HHN
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1677840272.022297,VS0,VE3
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c6c/[10,9,-] 33118cae0c64/[hit]
accept-ranges: bytes
cf-ray: 7a1e09640e34acda-ATL
x-dw-request-base-id: mMpbx7c6_2MBAAB_
x-cache-hits: 1

GET
H2 200 projectStick_play-button-icon.svg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw30f3b5c2/homepage/2023/02/ 711 B
814 B 8ms
8ms Image
image/svg+xml 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw30f3b5c2/homepage/2023/02/projectStick_play-button-icon.svg?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 216afb6f186f4f8c2cf9c92bc7ce3f2b56809533e57c2bec3dc8533615a75f4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Thu, 30 Mar 2023 19:10:26 GMT
date: Fri, 03 Mar 2023 10:44:32 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: HIT
age: 33234
x-yottaa-optimizations: ob/1000 si/33118cae0c63-1674156646-1976543436 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 385
x-served-by: cache-hhn-etou8220046-HHN
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1677840272.043750,VS0,VE1
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0ce6/[11,10,-] 33118cae0c63/[-,11.847]
accept-ranges: bytes
cf-ray: 7a1e1d85aa63b0d3-ATL
x-dw-request-base-id: mMq6s6JR_mMBAAB_
x-cache-hits: 1

GET
H2 200 us.svg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/lib/flag-icon-css/flags/4x3/ 24 KB
2 KB 69ms
69ms Image
image/svg+xml 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/lib/flag-icon-css/flags/4x3/us.svg?yocs=F_I_
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/css/style.min.css?yocs=F_J_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9921de3508095a5524f6f35a0fa6d22077ed495adc9d58605ce53c8e0b89c4f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/css/style.min.css?yocs=F_J_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Sun, 02 Apr 2023 09:12:05 GMT
date: Fri, 03 Mar 2023 10:44:32 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: HIT
age: 5433
x-yottaa-optimizations: ob/1000 si/2611cc8d5868-1675284472-365055629 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1862
x-served-by: cache-hhn-etou8220046-HHN
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1677840272.199055,VS0,VE1
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc8d5877/[26,24,-] 2611cc8d5868/[-,28.420]
accept-ranges: bytes
cf-ray: 7a20c4435a112af6-ORD
x-dw-request-base-id: mMoE_-W5AWQBAAB_
x-cache-hits: 1

GET
H2 200 CSRF-GetToken Show response
www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ 234 B
709 B 190ms
189ms Fetch
application/json 165.254.56.76
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/CSRF-GetToken
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/js/app.min.js?yocs=F_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 165.254.56.76 Culver City, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 89c801bc7af033c0ff6958504b5894bfb6ee2625277685c87f9bfe969f308f9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:32 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 0
x-yottaa-optimizations: ob/1000 si/34D1a5fe384c-1677800067-4849442310 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
content-type: application/json
cache-control: no-cache, no-store, must-revalidate
x-yottaa-os: 200
x-yottaa-metrics: 3421a5fe382f/[161,158,-] 34D1a5fe384c/[-,164.004]
cf-ray: 7a2148e57a7976d1-LHR
x-dw-request-base-id: fgIjeJDPAWQBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 CSRF-GetToken Show response
www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ 234 B
712 B 206ms
205ms Fetch
application/json 165.254.56.76
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/CSRF-GetToken
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/js/app.min.js?yocs=F_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 165.254.56.76 Culver City, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 6e232450eec8cdc7668d021128de7b83bf86dcc7bdad5579eb72d6e3c5b9a2d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:32 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 0
x-yottaa-optimizations: ob/1000 si/34D1a5fe384c-1677800067-4849442311 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
content-type: application/json
cache-control: no-cache, no-store, must-revalidate
x-yottaa-os: 200
x-yottaa-metrics: 3421a5fe382e/[178,176,-] 34D1a5fe384c/[-,180.230]
cf-ray: 7a2148e59f2a7501-LHR
x-dw-request-base-id: fgIleJDPAWQBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 EShopWorld-GetEswLandingFooterBar Show response
www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ 262 B
711 B 256ms
256ms XHR
text/html 165.254.56.76
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/EShopWorld-GetEswLandingFooterBar
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/Sites-elf-us-Site/-/en_US/v1677834716745/lib/jquery/jquery-2.1.1.min.js?yocs=F_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 165.254.56.76 Culver City, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: acb3511f732562de4549b37fe6f6a43a7cd624c8e7dc81fabe5fa05d43ded188

Request headers

Accept: */*
Referer: https://www.elfcosmetics.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:32 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 0
x-yottaa-optimizations: ob/1000 si/34D1a5fe384c-1677800067-4849442312 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
vary: Accept-Encoding
content-type: text/html;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
x-yottaa-os: 200
x-yottaa-metrics: 3421a5fe3830/[223,219,-] 34D1a5fe384c/[-,226.552]
cf-ray: 7a2148e5bfd0dd50-LHR
x-dw-request-base-id: yZwXMJDPAWQBAAB_
content-length: 195
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
579 B 16ms
16ms Fetch
image/svg+xml 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Mar 2023 10:44:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 49311
x-ms-lease-status: unlocked
last-modified: Wed, 01 Mar 2023 20:31:54 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 2bc1e728-701e-009e-6118-4da1a1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7a2148e5ba189c10-FRA

POST
H2 200 Api-SetTrackingAllowed
www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ 0
0 213ms
212ms Fetch
text/html 165.254.56.76
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/Api-SetTrackingAllowed
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 165.254.56.76 Culver City, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:32 GMT
cf-cache-status: DYNAMIC
age: 0
x-yottaa-optimizations: ob/1000 si/34D1a5fe384c-1677800067-4849442313 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
content-type: text/html;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
x-yottaa-os: 200
x-yottaa-metrics: 3421a5fe3833/[184,181,-] 34D1a5fe384c/[-,186.856]
accept-ranges: bytes
cf-ray: 7a2148e5f807dc53-LHR
x-dw-request-base-id: yZwbMJDPAWQBAAB_
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 200 Api-SetCookieData
www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ 0
0 221ms
221ms Fetch
text/html 165.254.56.76
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/Api-SetCookieData
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 165.254.56.76 Culver City, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:32 GMT
cf-cache-status: DYNAMIC
age: 0
x-yottaa-optimizations: ob/1000 si/34D1a5fe384c-1677800067-4849442314 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
content-type: text/html;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
x-yottaa-os: 200
x-yottaa-metrics: 3421a5fe3831/[190,187,-] 34D1a5fe384c/[-,192.916]
accept-ranges: bytes
cf-ray: 7a2148e5fe28777a-LHR
x-dw-request-base-id: fgIpeJDPAWQBAAB_
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 ot_company_logo.png
cdn.cookielaw.org/logos/static/ 4 KB
4 KB 21ms
20ms Image
image/png 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_company_logo.png

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Mar 2023 10:44:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: E8+sk/ECzKgTUVtDLikiIA==
age: 34341
content-length: 4036
x-ms-lease-status: unlocked
last-modified: Thu, 02 Mar 2023 20:31:15 GMT
server: cloudflare
etag: 0x8DB1B5D11FE5D01
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 347e2727-301e-00d6-1046-4d933c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7a2148e5ed055bf5-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 18ms
18ms Image
image/svg+xml 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Mar 2023 10:44:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 39307
x-ms-lease-status: unlocked
last-modified: Wed, 01 Mar 2023 20:31:55 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 749c3cbe-b01e-0126-2f25-4d0507000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7a2148e5ed0a5bf5-FRA

GET
H2 200 dy-coll-min.js Show response
cdn.dynamicyield.com/scripts/1.158.0/ 181 KB
59 KB 11ms
11ms Script
application/javascript 2600:9000:21f3:e800:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/scripts/1.158.0/dy-coll-min.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:e800:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: 1a55fa64fdace75513520ac7ff9a0fcb193805ba870692498b4e9cea3bd24821

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 09:53:34 GMT
content-encoding: gzip
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
last-modified: Sun, 19 Feb 2023 09:45:49 GMT
server: DYCDN
age: 1039859
x-amz-cf-pop: FRA2-C2
etag: W/"ed48a67075313fd7062b2b29e027ddd5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: KmsEhDsG8Vhupa8OOVRJdgErKqrx4w5S-e_b1zO__uKUE4auFo7mQQ==

GET
H2 200 dpx
async-px.dynamicyield.com/ 0
0 156ms
102ms Fetch 13.224.189.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/dpx?cnst=1&_=859746&name=User%20Session&props=undefined&uid=3039929990671093648&sec=8772046&cl=dk.w.c.ws.&ses=280ae44a6666d7a992f8bf71d1e84f72&l=def&p=1&sd=&rf=&trf=0&aud=1092373.1167402.1232212.1324059.1426804.1443347.1846919.884367.884385.884387.998337.1182144.799438.799440&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&exps=%5B%5B%22670731%22%2C%228988868%22%2C%2218038713%22%2C0%2Cnull%2Cnull%2C%221313380441616681751%22%2C%222%22%2C%223%22%5D%2C%5B%221071690%22%2C%229891223%22%2C%2225820092%22%2C0%2Cnull%2Cnull%2C%221313380442663213653%22%2C%221%22%2Cnull%5D%2C%5B%221122259%22%2C%2210259311%22%2C%2226195955%22%2C0%2Cnull%2Cnull%2C%221313380442154981850%22%2C%221%22%2Cnull%5D%2C%5B%221261284%22%2C%2211209913%22%2C%2227119924%22%2C0%2Cnull%2Cnull%2C%221313380440675288893%22%2C%221%22%2Cnull%5D%2C%5B%221319536%22%2C%2211449246%22%2C%2227343816%22%2C0%2Cnull%2Cnull%2C%221313380442337585686%22%2C%221%22%2Cnull%5D%2C%5B%221267591%22%2C%2211602858%22%2C%2227287619%22%2C0%2Cnull%2Cnull%2C%221313380441602336775%22%2C%221%22%2Cnull%5D%2C%5B%22912117%22%2C%228373984%22%2C%2222074769%22%2C0%2Cnull%2Cnull%2C%221313380441529237056%22%2C%220%22%2C%222%22%5D%2C%5B%221353627%22%2C%2211652521%22%2C%2227466877%22%2C0%2Cnull%2Cnull%2C%221313380439122031556%22%2C%221%22%2Cnull%5D%5D&expSes=34343&tsrc=Direct&reqts=1677840272355&rri=613169&geoData=DE__
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.158.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-71.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:32 GMT
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: VEqSyjWIVfBBYeE5yy-xvO45m6sOA92-ZaGQAGuQlOGuptVHjoObkw==
expires: 0

GET
H2 200 dpx
async-px.dynamicyield.com/ 0
0 148ms
103ms Fetch 13.224.189.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/dpx?cnst=1&_=266159&name=New_User&props=%7B%7D&uid=3039929990671093648&sec=8772046&cl=dk.w.c.ws.&ses=280ae44a6666d7a992f8bf71d1e84f72&l=def&p=1&sd=&rf=&trf=0&aud=1092373.1167402.1232212.1324059.1426804.1443347.1846919.884367.884385.884387.998337.1182144.1766794.799438.799440&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&exps=%5B%5B%22670731%22%2C%228988868%22%2C%2218038713%22%2C0%2Cnull%2Cnull%2C%221313380441616681751%22%2C%222%22%2C%223%22%5D%2C%5B%221071690%22%2C%229891223%22%2C%2225820092%22%2C0%2Cnull%2Cnull%2C%221313380442663213653%22%2C%221%22%2Cnull%5D%2C%5B%221122259%22%2C%2210259311%22%2C%2226195955%22%2C0%2Cnull%2Cnull%2C%221313380442154981850%22%2C%221%22%2Cnull%5D%2C%5B%221261284%22%2C%2211209913%22%2C%2227119924%22%2C0%2Cnull%2Cnull%2C%221313380440675288893%22%2C%221%22%2Cnull%5D%2C%5B%221319536%22%2C%2211449246%22%2C%2227343816%22%2C0%2Cnull%2Cnull%2C%221313380442337585686%22%2C%221%22%2Cnull%5D%2C%5B%221267591%22%2C%2211602858%22%2C%2227287619%22%2C0%2Cnull%2Cnull%2C%221313380441602336775%22%2C%221%22%2Cnull%5D%2C%5B%22912117%22%2C%228373984%22%2C%2222074769%22%2C0%2Cnull%2Cnull%2C%221313380441529237056%22%2C%220%22%2C%222%22%5D%2C%5B%221353627%22%2C%2211652521%22%2C%2227466877%22%2C0%2Cnull%2Cnull%2C%221313380439122031556%22%2C%221%22%2Cnull%5D%5D&expSes=34343&tsrc=Direct&reqts=1677840272359&rri=7098350&geoData=DE__
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.158.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-71.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:32 GMT
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: w7V5A1NNuspbekNC4n-xuRn6X_5p7Tl_gGAVGINy18NIFL6BFzSI9Q==
expires: 0

POST
H2 200 uia Show response
async-px.dynamicyield.com/ 0
382 B 142ms
107ms XHR
text/plain 13.224.189.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/uia?cnst=1&_=1677840272375
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.158.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-71.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:32 GMT
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: qbX8boOHIpsL3tq34D4nWaxY05qLQwhh42_6l7LDcVrW05IK3WZiyA==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 134ms
103ms Fetch 13.224.189.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=203487&uid=3039929990671093648&sec=8772046&t=ri&e=1071690&p=1&ve=9891223&va=%5B25820092%5D&ses=280ae44a6666d7a992f8bf71d1e84f72&expSes=34343&aud=1092373.1167402.1232212.1324059.1426804.1443347.1846919.884367.884385.884387.998337.1182144.1766794.799438.799440&expVisitId=1313380442663213653&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1677840272379&rri=4936994
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.158.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-71.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:32 GMT
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: UfpTc2WugZ6eC6cWoV7q08kNeNGjI-HzkhnoETrit5VPI8AAaS_FrA==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 134ms
104ms Fetch 13.224.189.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=333207&uid=3039929990671093648&sec=8772046&t=ri&e=1122259&p=1&ve=10259311&va=%5B26195955%5D&ses=280ae44a6666d7a992f8bf71d1e84f72&expSes=34343&aud=1092373.1167402.1232212.1324059.1426804.1443347.1846919.884367.884385.884387.998337.1182144.1766794.799438.799440&expVisitId=1313380442154981850&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1677840272380&rri=7182106
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.158.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-71.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:32 GMT
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: JzDWQt6R2bD-_M_9FaGb73xHvnk9eeo8IPhRTixMjwCtNlaavOqsig==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 133ms
103ms Fetch 13.224.189.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=914823&uid=3039929990671093648&sec=8772046&t=ri&e=1261284&p=1&ve=11209913&va=%5B27119924%5D&ses=280ae44a6666d7a992f8bf71d1e84f72&expSes=34343&aud=1092373.1167402.1232212.1324059.1426804.1443347.1846919.884367.884385.884387.998337.1182144.1766794.799438.799440&expVisitId=1313380440675288893&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1677840272381&rri=4447370
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.158.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-71.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:32 GMT
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: jdwSzs38fdS6CqzQ8xDitjLj7Ab0thJNf87TklddQQ_bVL0AessFdA==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 131ms
102ms Fetch 13.224.189.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=491728&uid=3039929990671093648&sec=8772046&t=ri&e=1319536&p=1&ve=11449246&va=%5B27343816%5D&ses=280ae44a6666d7a992f8bf71d1e84f72&expSes=34343&aud=1092373.1167402.1232212.1324059.1426804.1443347.1846919.884367.884385.884387.998337.1182144.1766794.799438.799440&expVisitId=1313380442337585686&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1677840272381&rri=543687
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.158.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-71.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:32 GMT
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: x9aU85U0P0ckwxb7eJC2g5HlzUv400ifGYQqGzai87L_3Rl3WEog5g==
expires: 0

POST
H2 200 batch
async-px.dynamicyield.com/ 0
382 B 121ms
103ms Ping
text/plain 13.224.189.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/batch?cnst=1&_=1677840272451_441287
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.158.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-71.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:32 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: 6USAFSrF-WI4sV1pUQSUo27_7boD6xs9tXAXQSn03YbFs1fsEPvUdQ==
expires: 0

POST
H2 200 clog Show response
px.dynamicyield.com/ 0
228 B 460ms
226ms XHR
text/plain 52.45.0.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://px.dynamicyield.com/clog
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.158.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.0.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-0-112.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:32 GMT
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
expires: 0

POST
H2 200 clog Show response
px.dynamicyield.com/ 0
227 B 460ms
226ms XHR
text/plain 52.45.0.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://px.dynamicyield.com/clog
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.158.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.0.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-0-112.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:32 GMT
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
expires: 0

GET
H2 200 __Analytics-Start
www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ 35 B
525 B 176ms
176ms Image
image/gif 165.254.56.76
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/__Analytics-Start?url=https%3A%2F%2Fwww.elfcosmetics.com%2F&res=1600x1200&cookie=1&ref=&title=Affordable%20Drugstore%20Makeup%20%26%20Skincare%20Products%20%7C%20e.l.f.%20Cosmetics&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&dwac=0.9103747409069973&cmpn=&tz=US/Pacific&pcc=&pct=__ANNONYMOUS__&pcat=&dw_dnt=1
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 165.254.56.76 Culver City, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:32 GMT
cf-cache-status: DYNAMIC
age: 0
x-yottaa-optimizations: ob/0 si/34D1a5fe384c-1677800067-4849442332 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-yottaa-os: 200
x-yottaa-metrics: 3421a5fe383d/[128,126,-] 34D1a5fe384c/[-,130.538]
accept-ranges: bytes
cf-ray: 7a2148e96c4c75c3-LHR
x-dw-request-base-id: yZwpMJDPAWQBAAB_
content-length: 35
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1951359635&t=pageview&_s=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&ul=en-us&de=UTF-8&dt=Affordable%20Drugstore%20Makeup%20%26%20Skincare%20Products%20%7C%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6HgACAABBAAAAAAEKk~&cid=1014668699.1677840271&uid=&tid=UA-432816-1&_gid=603757416.1677840274&gtm=45He3310n81T7MZLHP&gcs=G100&cg5=home&cd1=%3A%20&cd2=0.38024245504823484_1677840273764&cd4=0&cd5=&cd6=&cd7=&cd8=false&cd9=0&cd10=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.177%20Safari%2F537&cd14=home&cd15=&cd21=US&cd99=test&z=480216863

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 02:51:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28378
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET goodVibesLaunch_D_1.jpg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw0e42990e/homepage/2023/01/ 0
0

GET
H2 200 goodVibesLaunch_D_1.jpg
www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw0e42990e/homepage/2023/01/ 303 KB
304 KB 50ms
50ms Image
image/jpeg 165.254.56.76
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw0e42990e/homepage/2023/01/goodVibesLaunch_D_1.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 165.254.56.76 Culver City, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 0c9db9dddd952893ef706c0883ccbc82e9685a737fb526ef107640cd881ce58a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-yottaa-forcecache: true
date: Fri, 03 Mar 2023 10:44:33 GMT
cf-cache-status: HIT
cf-bgj: h2pri
age: 31254
x-yottaa-optimizations: ob/101 si/34D1a5fe384c-1677800067-4848839297 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3421a5fe3897/[11,-,1677807407280] 34D1a5fe384c/[hit]
cross-origin-resource-policy: cross-origin
cf-ray: 7a1e26875b9c742b-LHR
x-dw-request-base-id: mMpt895GAWQBAAB_
content-length: 310562
expires: Sun, 02 Apr 2023 01:01:18 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
19ms Image
image/gif 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1951359635&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&ul=en-us&de=UTF-8&dt=Affordable%20Drugstore%20Makeup%20%26%20Skincare%20Products%20%7C%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ux&ea=scrolled%20page&el=25%25&_u=6HgACAABBAAAAAAEKk~&cid=1014668699.1677840271&uid=&tid=UA-432816-1&_gid=1837757767.1677840274&gtm=45He3310n81T7MZLHP&gcs=G100&cg5=home&cd1=%3A%20&cd4=0&cd5=&cd6=&cd7=&cd8=1014668699.1677840271&cd9=0&cd10=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.177%20Safari%2F537&cd14=home&cd15=&cd21=US&cd19=1014668699.1677840271&z=1608923766

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 02:51:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28378
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 event
qoe-1.yottaa.net/log-nt/ 3 B
191 B 301ms
7ms Ping
text/json 140.174.14.165
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://qoe-1.yottaa.net/log-nt/event
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 140.174.14.165 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 03 Mar 2023 10:44:34 GMT
access-control-expose-headers: X-Results-Data-Source
access-control-allow-credentials: true
cache-control: no-cache
timing-allow-origin: *
content-type: text/json

GET
H2 200 sensor.js Show response
elfco11111.pcapredict.com/js/ 100 KB
15 KB 68ms
10ms Script
text/javascript 34.117.233.127
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://elfco11111.pcapredict.com/js/sensor.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.233.127 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 127.233.117.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 49d7b4f1b3b628c4e142db709888548f3acdf83f82d2c7207070ca94a70d14b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:43:38 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.20.2
age: 55
content-type: text/javascript;charset=UTF-8
cache-control: public, max-age=60
x-robots-tag: noindex
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14753

GET
H2 200 sdk.js Show response
plugins-media.perfectcorp.com/c695/ 406 KB
116 KB 983ms
945ms Script
application/javascript 13.224.189.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins-media.perfectcorp.com/c695/sdk.js?apiKey=WZAntXUwJQKcfXEl4AR5w==
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-56.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef01c7ec294cd078695a8594328731d6b2c20661f29c58a21d333acb4207ab8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:44:35 GMT
content-encoding: gzip
via: 1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)
last-modified: Mon, 06 Jul 2020 07:42:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "8c5f7ea7a694971e1dc455e14f45fe1a"
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
content-length: 118334
x-amz-cf-id: U6_yrIX4JKUVH651MLV6PRTsZb656c60VEaT2sxKlz77Na4QMx26EQ==

GET
H/1.1 200
OK tags.js Show response
imgs.cdn-btsg.com/fp/ 94 KB
13 KB 98ms
17ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.cdn-btsg.com/fp/tags.js?org_id=w2txo5aa&session_id=aHR0cHM6Ly93d3cuZWxmY29zbWV0aWNzLmNvbS85YTI5ODY2ZjYxNWM5ZjVlMTBiNjU5ZGZlNQ==&pageid=2

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

2cbe017fe7e67d89efb5f94d146b58c03cc8968142131ea3cb7f8cf0def77347

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:33 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
pagead2.googlesyndication.com/pagead/conversion/698270988/ 0
0 108ms
45ms Script
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/conversion/698270988/?random=1677840271046&cv=11&fst=1677840271046&bg=ffffff&guid=ON&async=1&gtm=45He3310&gcs=G100&gcd=G100&u_w=1600&u_h=1200&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&tiba=Affordable%20Drugstore%20Makeup%20%26%20Skincare%20Products%20%7C%20e.l.f.%20Cosmetics&value=0&bttype=purchase&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 loader.js Show response
cdn.usehero.com/ 90 KB
27 KB 184ms
9ms Script
application/javascript 2600:9000:20eb:5a00:13:d6f4:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.usehero.com/loader.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5a00:13:d6f4:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a788adfe7140c420c31160d3c6b672d2cfc2790dec4423f51c10687a3cf6312e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:28:42 GMT
content-encoding: gzip
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified: Thu, 09 Feb 2023 13:27:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 954
x-amz-server-side-encryption: AES256
etag: W/"233be1d975594ab4f53fe29b61c7f616"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: uXir3hZWjeycxrK28sk_Ie4PZCxg92-npCntF2b8hnnDmxfc9zSnjQ==

GET
H2 200 pixel.js Show response
track.custora.com/ 6 KB
7 KB 108ms
9ms Script
application/javascript 13.224.189.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.custora.com/pixel.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-43.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f9ffe1174d267725dc5c46203d0795ec0c2e489e270a8368b73303bb894e7a41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:55:42 GMT
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
last-modified: Wed, 18 Nov 2020 11:16:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 17333
etag: "bacb17d20515386f491f96447886b038"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6571
x-amz-cf-id: DT4pfjulWCCa1LuXjYdUwa4DBQIy_-1dxj_ASDE6-CSFSfwgDrRJHA==

GET
H2 200 i.js Show response
tag.wknd.ai/4142/ 14 KB
5 KB 129ms
8ms Script
text/plain 34.120.253.250
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.wknd.ai/4142/i.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 82593b7e1b1ddbf7167fa7104f05c270489ce0fa63bcb5c4823dc19834b18f58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:43:41 GMT
content-encoding: gzip
via: 1.1 google
age: 53
x-envoy-upstream-service-time: 0
x-region: us-central1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4604
server: istio-envoy
etag: 18ab41ac794679
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=60
timing-allow-origin: *
link: <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 26 KB
6 KB 66ms
8ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:43:33 GMT
content-encoding: gzip
age: 61
x-guploader-uploadid: ADPycdu38tqFY0f-T7MAGIfn2nf-LCNh4cCLSAXseWJnPAYzJWNR4xFDWIHZfahQf7xd8KgZAa4F5wyxALmBWVgkIgVLFhVlt7mF
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: Accept-Encoding
x-goog-generation: 1622234043862937
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Fri, 03 Mar 2023 11:43:33 GMT

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 471 KB
168 KB 73ms
38ms Script
text/javascript 2606:4700:10::6816:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3b21e77de6f67b4a530f42d9aa7c0bb9afea74c2372c22f58a8dfa5f5a05bae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:44:34 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1677170021
age: 246
x-guploader-uploadid: ADPycdvyn7kgYqYNECHxU2HcUZfaPrryUQcCBzh7jzy4If1C9pyZmIGk1b1tbTjpYAZmlDCdKBNce4OxYOx7jcLg3QtP7A
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Thu, 23 Feb 2023 16:34:22 GMT
server: cloudflare
etag: W/"25350aff689524382c7d906f925cb1dc"
vary: Accept-Encoding
x-goog-generation: 1677170062636675
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=Tb1mkg==, md5=JTUK/2iVJDgsfZBvklyx3A==
access-control-expose-headers: *
cache-control: no-cache
x-goog-stored-content-length: 481913
cf-ray: 7a2148f0bd7e9b70-FRA
expires: Sat, 02 Mar 2024 10:40:28 GMT

GET
H2 200 site.min.js Show response
edge.curalate.com/sites/elfcosmetics-oqltbv/site/latest/ 155 KB
33 KB 471ms
405ms Script
application/javascript 2606:4700::6812:1ad3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.curalate.com/sites/elfcosmetics-oqltbv/site/latest/site.min.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1ad3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6e1f05e590ddd81cdedefacedca609d2560b65de9fe51a4e030051275671e14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:44:34 GMT
x-amz-version-id: rAPtwPRhHwqv1BJ92ckJkXT_MvvXb78H
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 26 Oct 2022 18:38:06 GMT
server: cloudflare
x-amz-request-id: 9RTRBW1NT9MSBQM4
etag: W/"647f47fa8fb971578f4df9d7f106f74f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800,s-maxage=1800
x-amz-replication-status: COMPLETED
cf-ray: 7a2148f0fbb63a4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: vNkrXSPCOd7tOOmzfjF9G43Ji5uC2npcL2aJv2U/HdZfFwWY29J8m37Vnl88/B7rwUzaRtsNIFk=

GET
H/1.1 200
OK check.js;CIS3SID=7101FD5C54E23C39CFED086FC7AED14E Show response
imgs.cdn-btsg.com/fp/ Frame 13F2 263 KB
44 KB 25ms
24ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.cdn-btsg.com/fp/check.js;CIS3SID=7101FD5C54E23C39CFED086FC7AED14E?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs85yti5ody2zjyxnwm5zjvlmtbinju5zgzlnq&nonce=22e961122da7e07f&jb=35312426687b6777355f616c646d75732c687b6735556164666d757325303a3b382e6071607735436072676d6f26627168374b60786d65652f3832393930

Requested by

Host: imgs.cdn-btsg.com
URL: https://imgs.cdn-btsg.com/fp/tags.js?org_id=w2txo5aa&session_id=aHR0cHM6Ly93d3cuZWxmY29zbWV0aWNzLmNvbS85YTI5ODY2ZjYxNWM5ZjVlMTBiNjU5ZGZlNQ==&pageid=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

fdbbf833a530e094f1e0ae35177214f92178dbab384f343ffbf9ec41d7b164a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
tmx-nonce: 22e961122da7e07f
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
imgs.cdn-btsg.com/fp/ Frame 13F2 81 B
474 B 40ms
14ms Image
image/png 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.cdn-btsg.com/fp/clear.png?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs85yti5ody2zjyxnwm5zjvlmtbinju5zgzlnq&nonce=22e961122da7e07f&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
imgs.cdn-btsg.com/fp/ Frame 13F2 81 B
475 B 22ms
13ms Image
image/png 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.cdn-btsg.com/fp/clear.png?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs85yti5ody2zjyxnwm5zjvlmtbinju5zgzlnq&nonce=22e961122da7e07f&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 widget.js Show response
js.jebbit.com/companion/v1/ 93 KB
93 KB 99ms
9ms Script
application/javascript 2600:9000:20eb:f800:a:7914:b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.jebbit.com/companion/v1/widget.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:f800:a:7914:b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dce1686ab8414249a2135c0d765b4694cc13a0942c338dc426935e96a47e7692

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: Z5t5auaXvD4ix8cwr5LKWH0g55_Cgbhv
date: Fri, 03 Mar 2023 05:20:38 GMT
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
last-modified: Tue, 31 Jan 2023 16:58:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 19437
x-amz-server-side-encryption: AES256
etag: "99bd67c027ceb666c6600277adf4f317"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 94964
x-amz-cf-id: ZXPVNgA8iAyyyTbR5Re0c9g4R9LB4WpAahsOp2g9IR8yLRAnlvd95w==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 40ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cab52dc3525d23d87fc3337ea17253060c6f723389a33e62699d510f1878972b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 03 Mar 2023 10:44:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: FuFqg0kp5kyyiwR8RsK8lan1O5521fXQHR+6/yT6B8Fnq61aYKhB9lpl6ZO6mxfjNJXxBDRDXcDsjo36LDAUMg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 beacon.js Show response
analytics-sm.com/js/v1/ 2 KB
2 KB 67ms
8ms Script
application/javascript 13.224.189.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-sm.com/js/v1/beacon.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-30.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 133b0a1570d26f9e1beeecaeb4587a8f449c65bff8c87895cdd7e98879644ba6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:43:36 GMT
content-encoding: gzip
via: 1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
last-modified: Mon, 18 Nov 2019 20:56:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 80
etag: W/"ab9f4a2518b1913f8a45b16f69d1c7a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600, no-transform, public
x-amz-cf-id: F5sqQCnyPzQPhpj_iVF1eqA5cr-jZOU-7SXtm9jx9X5O-BsnsCEHlQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 243 KB
81 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf5968df6950811af6d4b89af7ff179df0bc38d1bd8374cfba37828341186445

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:44:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82990
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 Mar 2023 10:44:34 GMT

POST
H2 204 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 0
0 150ms
150ms Fetch
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: application/json
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 03 Mar 2023 10:44:34 GMT
server: Google Frontend
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods: GET, POST
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 51d2a08ea23cd5776a38ff9b9ddbe191
function-execution-id: 3js4pfclzjqd
access-control-allow-headers: Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 170ms
131ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.elfcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Fri, 03 Mar 2023 10:44:34 GMT
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: dbqx4a7d54qi
server: Google Frontend
x-cloud-trace-context: c7b2fe62cca282f978edcdfc21b4e6f9
x-powered-by: Express

GET
H/1.1 200
OK clear.png Show response
imgs.cdn-btsg.com/fp/ Frame 13F2 81 B
536 B 42ms
14ms XHR
image/png 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.cdn-btsg.com/fp/clear.png

Requested by

Host: imgs.cdn-btsg.com
URL: https://imgs.cdn-btsg.com/fp/check.js;CIS3SID=7101FD5C54E23C39CFED086FC7AED14E?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs85yti5ody2zjyxnwm5zjvlmtbinju5zgzlnq&nonce=22e961122da7e07f&jb=35312426687b6777355f616c646d75732c687b6735556164666d757325303a3b382e6071607735436072676d6f26627168374b60786d65652f3832393930

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, w2txo5aa/22e961122da7e07fahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs85yti5ody2zjyxnwm5zjvlmtbinju5zgzlnq
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 10:44:34 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 03 Mar 2023 10:44:34 GMT
Server: Apache
Etag: 6b2b898441cf4dff8f90ea1a7e84d7c7
Content-Type: image/png
Access-Control-Allow-Origin: https://www.elfcosmetics.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Wed, 01 Mar 2028 10:44:34 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=7101FD5C54E23C39CFED086FC7AED14E Show response
imgs.cdn-btsg.com/fp/ Frame 0456 91 KB
14 KB 18ms
17ms Document
text/html 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.cdn-btsg.com/fp/ls_fp.html;CIS3SID=7101FD5C54E23C39CFED086FC7AED14E?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs85yti5ody2zjyxnwm5zjvlmtbinju5zgzlnq&nonce=22e961122da7e07f

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

9bb422e4efd4af11054081bda08e586e2b39736f62062e6652e7828133ca0b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Fri, 03 Mar 2023 10:44:34 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=97
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
imgs.cdn-btsg.com/fp/ Frame 13F2 0
387 B 16ms
13ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=7101FD5C54E23C39CFED086FC7AED14E Show response
h.online-metrix.net/fp/ Frame 6B99 104 KB
16 KB 72ms
17ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=7101FD5C54E23C39CFED086FC7AED14E?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs85yti5ody2zjyxnwm5zjvlmtbinju5zgzlnq&nonce=22e961122da7e07f

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

92aaca5a334e215f2dfca87a6c6dee3f870294815e5f90f5ccf018bbf06be596

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Fri, 03 Mar 2023 10:44:34 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK top_fp.html;CIS3SID=7101FD5C54E23C39CFED086FC7AED14E Show response
imgs.cdn-btsg.com/fp/ Frame 11CC 90 KB
13 KB 22ms
16ms Document
text/html 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.cdn-btsg.com/fp/top_fp.html;CIS3SID=7101FD5C54E23C39CFED086FC7AED14E?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs85yti5ody2zjyxnwm5zjvlmtbinju5zgzlnq&nonce=22e961122da7e07f

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

2d5b0823d6090e46f9cae27a6bd568a72b50c1e5f4673724ea2473cb9c45354d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Fri, 03 Mar 2023 10:44:34 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 clear.png Show response
imgs.cdn-btsg.com/fp/ Frame 13F2 0
219 B 15ms
14ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.cdn-btsg.com/fp/clear.png?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs85yti5ody2zjyxnwm5zjvlmtbinju5zgzlnq&nonce=22e961122da7e07f&ja=31303234242e6b3f382e723f3024643d3b34383870333a3a322463663d333c3a38703b3032322e737079353072302e667a78353926333e303a26333a38302e393c3a302c3b303a3826313638322c333a383224393e32302e33323a32243824322e67763f633838306b686b6c693535666c666c6631656b383c333b3e3f383c6031613d6b2465663d362e7969643d38362c64623d687c7670712d3b432d3a4e27324475777d2c6d646e6167796f6776696371246967652f304424786c35332e70623d3f3a6c3830696b346a636c6867393933603f393237616f326e3b6864623a66342460603f3b3c6a30613035373e34316e6a663c69323060366360336c3a693a6037346b372e6a7b6f3757616c6e657f7b2f3038313a2c687b6a3d416078656d652f303a393b302662716f77355f6b666c6775732468736877354b6070676767246c68633f3e2c666c673f3a24666d7c7035302c747266374f7c6b2f304e5564616c677f6e24656b7e687237363a383964316b3062676b38306d3e6b61353432303230696c39373d3e3233646434373232393c3b66346769613a346c6333346964686e3f3a39333b31333c632e6c723f607e7e70732f314b2d3846253a4477757f2667646e6b6d736f677463617b266b6d652f304424703d72667f6f61645d646e697360253d456c6164716f2b78647f65616e557d6b666c6f757b55676564636355786661796d7025374d6e63647b6d23706e7767636c57696c6d6a6f5d6361726f606b7e2d3d4f64636e7b65297064756d69665d7b7f616b6176616d6f2f374d6e616e7b6f2b706c7f65636655736867616b75697e672d3d4d64616e71652b72647d6f6b66557067636c706e6b736d7a2f374764696c7b65297066756f6b64557e64695d786c6b73677a2d35476e6b6673652b72667d6d696e576665746964747a2d3d4766636e736f2378647d6561645d7174675f74636f7f6d782737476e6164736d217a6c7d65636457626b7469253f4f64696473672e6d665f6337756f6a6d6c576d60474e2d3a323926382732322a4f7a67664f44273a3a475127323030243a2d3a3a416a70676d617565295d656a45462f3a384d4e5b4c2f38324d5b2530383b243025383222477a656e4f4e2530384d512d3a38454c514e2538324d5b2d30383b2c32273230416278676563776f2b5f656a4b61745d656a49637e2d3a3a556d624d4643464f4c4757636473746b6c696d6e5f617a70617b7b2d314a2d3a32455a565f686e6d666c5d65636c6f63782531482f3a384f5a565d6b6f646f7a5f68756e646f7857606b6e6e5f6c666d697c25314a2f3830455256556e666f617c5d626e6d66662d3b4a27323247585e5d6e7a6965576e677276682531482f3a384f5a565d7b6869646d7255746d7a7e7f7a6d556e67642f39402d3a3047505e55746572767f7a6f5f63676f70706d7b716167665d627276632f314a2d3a324d52565d766578767f786d57696d6f727a657b73616f645f7a657e692d3b48273a304f5256577c657a7c7f78655f6c6b667c6f725f696c6971677c70677861612531402538324d505c5d7b58454027334227383a474d595d676e6d6d6d6e7c5f636e6c6772557d6164762d33482f3038474551576c686f5f7867646c6f725f656b706f6978273b4a2d30304d475355717c6966666978665d6665726b7c6b7c617c6771273b422d32384f4f5357766f727c7d786757666665637c2d33402d383a4f45595d7e6d7274757a675f646467637c57646b6e6763722f314a2d3a32474f515d766578767f786d5762636e645766646f69742f334a27383a474d595d7c65727e777a6d5f6a69666c5f66666d6b7c556c69666761702d3b402d3a384d45515d766f707c6d705d697870637b5f6f60606f6b7c2f3140273a305f454a47465f6b6d66657a5768776e666f785d6e646f637c2f39422538325d4d48474c57616f6f787a677b7b6d665f7667787e777a6d57637b7e6127314225303a5d4d4a4d4e5d61676d78726d7379656c5d7e6f707c7f706d5f6f7e612d3b42273a3a5d45424d4e556b656d707a6773716d6c5d7c6d70767570675f6f766b392d314a2f30325545424546556b67677270677b736d6457746f787c77786f577b39766b253948273a3857474a4d465f63656f7a7a6f73736d665f766d70767d7a6d5d7331766355717a6f6a273b482730325745404d46576c6f60776557726d6e6c6578657a5d63646e672f314a25383a554d4a474e576e6f7074625d7e6d7274757a6725314a2d30385f4d40474e5d6478637f576a776e6c6770712533402f38385f4f40454e576c67736d5f696f66766f727c2d39402d323a5d474a4f4c5d657f667469556678697d31362e656c5d6035316e6e3d66666436373e326c6c6b36383d6734306265326f3d3c6c383737363e3138346c34383531247d6d647e374b66746f66273a38496c6b242c77676670374164746564273232417a6b7b2d3a324f72676e4d4e2d3a3847666d6b6c672663616e3739&jb=313d37266e79354f6772616e6c6327324c3726382d303822556b6c646f75792f3a38445627303831382e382539422d303a5d61663c362d33482f3038703636212f3830417a72666d5d6562436b74273a4e373b3f2631362730302249405c454e2d38412730306c6b616f2d3a3a456761636f21253a3049687a6d676f2d3a4c333930243a2c3d3c3833263b3d3725383259696c6172612732443d3b35263b3e

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 10:44:34 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
w2txo5aaukx5wkdxjpzkppltoswpxyyqziplnt5g22e961122da7e07fam1.e.aa.online-metrix.net/fp/ Frame 13F2 81 B
438 B 86ms
13ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w2txo5aaukx5wkdxjpzkppltoswpxyyqziplnt5g22e961122da7e07fam1.e.aa.online-metrix.net/fp/clear.png?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs85yti5ody2zjyxnwm5zjvlmtbinju5zgzlnq&nonce=22e961122da7e07f&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

nfEmbeddedService.js Show response
elfcosmetics.my.salesforce-sites.com/resource/einsteinBot/js/
Redirect Chain

https://elfcosmetics.secure.force.com/resource/einsteinBot/js/nfEmbeddedService.js?_=1677840270862
https://elfcosmetics.my.salesforce-sites.com/resource/einsteinBot/js/nfEmbeddedService.js?_=1677840270862

5 KB
3 KB

978ms
115ms

Script
application/x-javascript

13.110.46.156
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://elfcosmetics.my.salesforce-sites.com/resource/einsteinBot/js/nfEmbeddedService.js?_=1677840270862

Protocol

HTTP/1.1

Server

13.110.46.156 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl15-ncg1-c6-iad5.na153-ia5.salesforce.com

Software

Resource Hash

05afd7115e1e4e6835deb4080f8b300a058786683a9ef7ec2af25e4038885905

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 10:44:35 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 6 Nov 2019 02:20:06 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000
Content-Length: 1781
X-XSS-Protection: 0
Expires: Mon, 17 Apr 2023 10:44:36 GMT

Redirect headers

Location: https://elfcosmetics.my.salesforce-sites.com/resource/einsteinBot/js/nfEmbeddedService.js?_=1677840270862
Date: Fri, 03 Mar 2023 10:44:35 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Content-Security-Policy: upgrade-insecure-requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK en-us.js Show response
static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/vendors~offers/locale/ 47 KB
5 KB 11ms
11ms Script
text/javascript 104.117.196.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/vendors~offers/locale/en-us.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.117.196.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-117-196-56.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

3f1d956810dfba4137ce3ff24407f5e13694578b3fb1440468f28ed6f6146b24

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Date: Fri, 03 Mar 2023 10:44:34 GMT
Last-Modified: Thu, 26 Aug 2021 21:20:49 GMT
Server: Apache
ETag: "22004f-bd57-5ca7cf0e07274"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4799
Expires: Fri, 03 Mar 2023 10:59:34 GMT

GET
H2 200 swiper.js Show response
cdnjs.cloudflare.com/ajax/libs/Swiper/4.4.6/js/ 268 KB
40 KB 42ms
21ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.4.6/js/swiper.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e6fdfe0de25d903ebf13597e3ac3615fb3c50df486cdf1da967650fcabae659

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:44:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1253935
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39981
last-modified: Mon, 04 May 2020 16:04:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf2-43186"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yiyx8daZvB8%2FKybhggLUpT7pucuiOGS2B96REjQ3OWAsiQGUl81sAu%2Bk2gSx8JUAc73Qnt2c5NelVKztUwiOFF5hCa8waE%2BbgJQccg%2FoLyj63TmkQvsK0z%2F8zF0DTZc3%2Bob2SJAcOAF%2Beg4uFf5N6HRM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a2148f17b8e2c72-FRA
expires: Wed, 21 Feb 2024 10:44:34 GMT

GET
H2 200 products-in-all-categories-top-sellers Show response
e.cquotient.com/recs/bbxc-elf-us/ 8 KB
2 KB 561ms
193ms Script
text/javascript 44.241.147.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e.cquotient.com/recs/bbxc-elf-us/products-in-all-categories-top-sellers?callback=CQuotient._callback0&_=1677840273769&_device=windows&userId=&cookieId=&emailId=&anchors=id%3A%3A%7C%7Csku%3A%3A%7C%7Ctype%3A%3A%7C%7Calt_id%3A%3A&slotId=home-slot-3&slotConfigId=2020%20New%20Carousel&slotConfigTemplate=slots%2Frecommendation%2Felfcarousel.isml&ccver=1.03&realm=BBXC&siteId=elf-us&instanceType=prd&v=v3.0.1&json=%7B%22userId%22%3A%22%22%2C%22cookieId%22%3A%22%22%2C%22emailId%22%3A%22%22%2C%22anchors%22%3A%5B%7B%22id%22%3A%22%22%2C%22sku%22%3A%22%22%2C%22type%22%3A%22%22%2C%22alt_id%22%3A%22%22%7D%5D%2C%22slotId%22%3A%22home-slot-3%22%2C%22slotConfigId%22%3A%222020%20New%20Carousel%22%2C%22slotConfigTemplate%22%3A%22slots%2Frecommendation%2Felfcarousel.isml%22%2C%22ccver%22%3A%221.03%22%2C%22realm%22%3A%22BBXC%22%2C%22siteId%22%3A%22elf-us%22%2C%22instanceType%22%3A%22prd%22%2C%22v%22%3A%22v3.0.1%22%7D

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.241.147.216 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-241-147-216.us-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

31d7791f74b6575b6dfa09e3e3f01c5425e48ad23c1f433a9ecf214cd432e55f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:44:34 GMT
strict-transport-security: max-age=15552000; includeSubdomains
x-content-type-options: nosniff
content-encoding: gzip
server: envoy
etag: W/"1fdc-uYbHTjNB55NbHOw1zS8dS+4YbIQ"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: no-store
x-envoy-upstream-service-time: 12

GET
H/1.1 204
No Content clear.png Show response
imgs.cdn-btsg.com/fp/ Frame 0456 0
387 B 13ms
13ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imgs.cdn-btsg.com
URL: https://imgs.cdn-btsg.com/fp/ls_fp.html;CIS3SID=7101FD5C54E23C39CFED086FC7AED14E?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs85yti5ody2zjyxnwm5zjvlmtbinju5zgzlnq&nonce=22e961122da7e07f

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgs.cdn-btsg.com/fp/ls_fp.html;CIS3SID=7101FD5C54E23C39CFED086FC7AED14E?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs85yti5ody2zjyxnwm5zjvlmtbinju5zgzlnq&nonce=22e961122da7e07f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 config.json Show response
cdn.acsbapp.com/cache/app/elfcosmetics.com/ 161 B
715 B 237ms
117ms Fetch
application/json 2606:4700:10::6816:cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/elfcosmetics.com/config.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 891925a10bb04f4e4a7080bd887c0e7330410c5ec5b4657abf9f0906ceff85b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:44:34 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdssukbkRSQMYU6IjlVtfEKFuYU91JMybWdYqNFOehAEKkrADyEBsBTbTraKWbIMzhYntbSnwFE14ukEj4sKsgeGDNwwNZPQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Wed, 08 Feb 2023 13:51:40 GMT
server: cloudflare
etag: W/"462c501edfec06d001c08243b77db600"
vary: Accept-Encoding
x-goog-hash: crc32c=t11iTQ==, md5=RixQHt/sBtABwIJDt322AA==
x-goog-generation: 1675864300670195
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: no-cache
x-goog-stored-content-length: 161
cf-ray: 7a2148f29ae89c04-FRA
expires: Sat, 02 Mar 2024 10:44:34 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 95ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZLYXLXNDL8&gtm=45je3310&_p=1951359635&gcs=G100&cid=1014668699.1677840271&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677840274&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&dt=Affordable%20Drugstore%20Makeup%20%26%20Skincare%20Products%20%7C%20e.l.f.%20Cosmetics&uid=&en=page_view&_fv=1&_ss=2&ep.delivery_iso_country=US&ep.page_type=home&up.user_logged_in=false&up.user_country=GR&upn.user_age=0&up.user_has_transacted=false
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pv
t.custora.com/ 43 B
105 B 317ms
92ms Image
image/gif 50.17.237.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.custora.com/pv?a=8f1a98db0530a45&b=web&vi=079a688d-fd7a-4278-b16a-e5f3518643bc&h=www.elfcosmetics.com&p=%2F&t=Affordable%20Drugstore%20Makeup%20%26%20Skincare%20Products%20%7C%20e.l.f.%20Cosmetics&ag=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.177%20Safari%2F537.36&ts=1677840274263
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.237.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-237-61.compute-1.amazonaws.com
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:44:34 GMT
content-type: image/gif

GET
H2 200 1638306756445368 Show response
connect.facebook.net/signals/config/ 388 KB
110 KB 173ms
172ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1638306756445368?v=2.9.97&r=stable

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a820970b045c22f53b3ef7ccae7c60f8e9310aaac93a08799b87a02bc612665

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 03 Mar 2023 10:44:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: oUBh1azSVuOB/LmD9Z7D7JGyb8kl0Fd7JM+ZBTC773N3EFbf9UuGhRs7ZQ0qxDVmQLeWUJfnUuL/pEULmpXmnA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 display Show response
api.usehero.com/webplugin/ 129 B
680 B 111ms
111ms XHR
application/json 52.2.163.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usehero.com/webplugin/display?appId=efcf9631-4c6b-4874-9f76-51f71464249a&location=https%3A%2F%2Fwww.elfcosmetics.com%2F&state=untouched&outboundFeature=&visitorId=e96b2d4a-59b9-421e-ac0e-a412b9688de7

Requested by

Host: cdn.usehero.com
URL: https://cdn.usehero.com/loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.2.163.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-2-163-124.compute-1.amazonaws.com

Software

Resource Hash

f728b2a3472bdb7b12fe2b3ad324f86306d5ebfd9a22970cdb9d75865437181f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-hero-api-version: 2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:44:34 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-time-zone: Europe/Berlin
x-geo-longitude: 13.35370
content-length: 129
x-request-id: 2d4f3301-e466-4cf2-805c-e4338b996212
etag: W/"81-DUL/7m3RpQ4iaY5LE5GkpykgL0I"
access-control-max-age: 21600 always
access-control-allow-methods: *
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-country: DE
x-geo-city: Berlin
x-geo-latitude: 52.53090
x-geo-zip: 10559
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Language, authorization, x-hero-application-id, x-hero-api-version, x-api-version, x-cache-control, twilio, x-dashboard-request
x-accuracy: 500

GET
H2 200 /
analytics-sm.com/ 68 B
387 B 8ms
8ms Image
image/png 13.224.189.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics-sm.com/?bid=1b87e0d2-5680-445d-84db-07eca8226b6b&smuid=1677840935105&bt=1677840274305&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&url_path=%2F&title=Affordable%20Drugstore%20Makeup%20%26%20Skincare%20Products%20%7C%20e.l.f.%20Cosmetics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-30.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:12:29 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
last-modified: Mon, 15 Oct 2018 15:03:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 7623126
etag: "e679fbd466a2d656f194a5da4fa083cd"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: no-cache
content-length: 68
x-amz-cf-id: BGYWMiP8vdOnXd5G3qQRlmy41pN_8ku7Vu9-Gn6xSE3QiPtR8HJqDg==

OPTIONS
H2 200 display
api.usehero.com/webplugin/ Frame 0
0 317ms
98ms Preflight
text/plain 52.2.163.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.2.163.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-2-163-124.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hero-api-version
Access-Control-Request-Method: GET
Origin: https://www.elfcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Accept-Language,authorization,x-hero-application-id,x-hero-api-version,x-api-version,x-cache-control,twilio,x-dashboard-request
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 21600 always
content-length: 2
content-type: text/plain; charset=utf-8
date: Fri, 03 Mar 2023 10:44:34 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-accuracy: 500
x-country: DE
x-geo-city: Berlin
x-geo-latitude: 52.53090
x-geo-longitude: 13.35370
x-geo-zip: 10559
x-request-id: b7918053-b0d4-4716-813f-ca771a683d09
x-time-zone: Europe/Berlin

GET
BLOB 200
OK 41b9bff9-74db-40a4-b082-2b521d4dd16d
https://www.elfcosmetics.com/ 56 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.elfcosmetics.com/41b9bff9-74db-40a4-b082-2b521d4dd16d
Requested by: Host: js.jebbit.com
URL: https://js.jebbit.com/companion/v1/widget.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c94b4779bff56e7086c76e350336d941709016205282c9271a887f1547f717c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Length: 57234
Content-Type: text/css

GET
H2 200 launcher_configs Show response
external-api.jebbit.com/moments/v2/ 2 B
488 B 126ms
32ms XHR
application/json 2600:9000:21f3:6600:1b:50c2:4000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://external-api.jebbit.com/moments/v2/launcher_configs?key=542695a9-9318-492b-9638-2018989f6dc4&url=aHR0cHMlM0ElMkYlMkZ3d3cuZWxmY29zbWV0aWNzLmNvbSUyRg==&completedLightboxCampaigns=W10=&jebbitCookies=

Requested by

Host: js.jebbit.com
URL: https://js.jebbit.com/companion/v1/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:6600:1b:50c2:4000:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:44:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1e498d046330e15095a1a2a958463bf4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elfcosmetics.com
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block
x-amz-cf-id: 6OpFoeDGU3t_KeaLm6F4YlbB37TFYXTDMPCHNGMhjuIKwFlvFY66Jw==

GET
H/1.1 204
204 clear1.png;CIS3SID=7101FD5C54E23C39CFED086FC7AED14E
imgs.cdn-btsg.com/fp/ Frame 13F2 0
400 B 21ms
20ms Image
image/png 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.cdn-btsg.com/fp/clear1.png;CIS3SID=7101FD5C54E23C39CFED086FC7AED14E?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs85yti5ody2zjyxnwm5zjvlmtbinju5zgzlnq&nonce=22e961122da7e07f&jf=3439342671616c5d7a666c3f7466705f5c5a434c3b7a5a7c5a507b7a684d6c422e7b63665d6669746d3d39363d3730363a383f3c2c716164557e7b786d3d756d683065636e716b2e7969645769657b353b323d313b32313132363a353a6930343c326167316430303a3b383e3a3a306330363c386b65396438313a3b383f3a313c323a3a323c38363a3f6b6e32373e3a686a3e61323931333a693d6730396b64323a67343e376c316c3b3e3f333036383466326f306a6934646030663f383b6338366b3b6f6f3a3d6f343a66683f363a30616730693a323432603c313932393a66633b38383a6e3e3a32336036316864306e3c306c3a3663313335633c393e6a6833373339342e736164557361653739383c3f323a323b3a32303d3633303e3e64333a31393b6b39356b6164643e3b67303f383563373438333a3d3a6d643a693534643237366f3d3b3e3c3b633530373e376c626c663d673e3a3a3a3a346a663c3d306d3b3067313c39326632666f6d396561383438313b6b343b393e37333a30613d61396d3b6430326361313538376e3f3c6e3b3461366e623c64302679696e70373a

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=2DBA90A75709020B6A43977D499B27A9
h.online-metrix.net/fp/ Frame 6B99 0
400 B 19ms
19ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=2DBA90A75709020B6A43977D499B27A9?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs85yti5ody2zjyxnwm5zjvlmtbinju5zgzlnq&nonce=22e961122da7e07f&jf=3439342671616c5d7a666c3f7466705f4e613171406a3940534540636b6b645e2e7b63665d6669746d3d39363d3730363a383f3c2c716164557e7b786d3d756d683065636e716b2e7969645769657b353b323d313b32313132363a353a6930343c326167316430303a3b383e3a3a306330363c386b65396438313a3b383f3a313c323a3a323c3835323d3b3e37656e353e3b3965346e63393a3d3d31313a3031633734373c31386d39613f6e3730376433603868306d6e3337613d346b353f653c353a316c3b38386e373f353f3935383a633a3a393335356c3732396f32613c6434353c31676b393b60626636333e313d3e3a616b6f376663613035683869393c37673b6d362e736164557361653739383c3f323a323b3a326a3064316c69386532333b3a3c3b6637383431673a6b336c3f3b66656032613b663b306a333d68663a60643736396c393d696130363c3739613f6433666c30393a3a3a3a313133693e673e6b3763396f33653333303c3f6936333e3631613b39646e3f3c30373367643c636c383867386e3333676234666b6c386b3d3730616a383138302679696e70373b

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=7101FD5C54E23C39CFED086FC7AED14E?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs85yti5ody2zjyxnwm5zjvlmtbinju5zgzlnq&nonce=22e961122da7e07f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 __Analytics-Start
www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ 35 B
524 B 171ms
171ms Image
image/gif 165.254.56.76
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/__Analytics-Start?url=https%3A%2F%2Fwww.elfcosmetics.com%2F&res=1600x1200&cookie=1&ref=&title=Affordable%20Drugstore%20Makeup%20%26%20Skincare%20Products%20%7C%20e.l.f.%20Cosmetics&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&dwac=0.9826251476856456&cmpn=&tz=US/Pacific&pcc=&pct=__ANNONYMOUS__&pcat=&dw_dnt=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 165.254.56.76 Culver City, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:34 GMT
cf-cache-status: DYNAMIC
age: 0
x-yottaa-optimizations: ob/0 si/34D1a5fe384c-1677800067-4849442350 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-yottaa-os: 200
x-yottaa-metrics: 3421a5fe3899/[136,132,-] 34D1a5fe384c/[-,146.542]
accept-ranges: bytes
cf-ray: 7a2148f32a43dd7d-LHR
x-dw-request-base-id: fgJReJLPAWQBAAB_
content-length: 35
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 en.build.json Show response
cdn.acsbapp.com/cache/app/ 239 KB
30 KB 19ms
19ms Fetch
application/json 2606:4700:10::6816:cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/en.build.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69dc008077fc9368a11f50ec07b2349100903b7a1907bd349bf54ab720cbd136

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:44:34 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1677169996
age: 1542
x-guploader-uploadid: ADPycdtww3q6HVm0jTQaezAN_2Q1pWW6zZn3z-KJTQGptV5shss4jHb4vnCEfi-1bWAojJ1GEYu48eXbuXMAuPNEpTE3RJe-kPy8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 23 Feb 2023 16:34:18 GMT
server: cloudflare
etag: W/"8def78dba10679a8c3b638b0c274f6d1"
vary: Accept-Encoding
x-goog-generation: 1677170058090290
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=fhZhMg==, md5=je9426EGeajDtjiwwnT20Q==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 244609
cf-ray: 7a2148f35bea9c04-FRA
expires: Sat, 02 Mar 2024 10:18:52 GMT

GET
H2 200 logomono.svg
cdn.acsbapp.com/apps/app/dist/media/ 4 KB
2 KB 16ms
15ms Image
image/svg+xml 2606:4700:10::6816:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.acsbapp.com/apps/app/dist/media/logomono.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 846745b9f0e7bb77e945f00c4255540eefc3c2335f9f596895589ff58967f465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:44:34 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1676295519
age: 164
x-guploader-uploadid: ADPycdt963u8JqjNdEL2EHQkocpPSlC76E1pkcHM5mBbizwbowb1Y52OqKLxQqj_l1yKxDwap4s2ZN579xmaaRMapuNjcg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Thu, 23 Feb 2023 16:34:23 GMT
server: cloudflare
etag: W/"d0f042523a198bec3979f9e9b8e753a4"
vary: Accept-Encoding
x-goog-generation: 1676295553317325
content-type: image/svg+xml
access-control-allow-origin: *
x-goog-hash: crc32c=WqbZUg==, md5=0PBCUjoZi+w5efnpuOdTpA==
access-control-expose-headers: *
cache-control: no-cache
x-goog-stored-content-length: 4105
cf-ray: 7a2148f398659b70-FRA
expires: Sat, 02 Mar 2024 10:41:50 GMT

GET
H2 200 experience.min.js Show response
edge.curalate.com/sites/elfcosmetics-oqltbv/experiences/square-grid/latest/ 737 KB
178 KB 26ms
26ms Script
application/javascript 2606:4700::6812:1ad3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.curalate.com/sites/elfcosmetics-oqltbv/experiences/square-grid/latest/experience.min.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1ad3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fda1eda2d3938f8a76c75ca52a3720612ebf57e1da9884d73159f48beb2a3e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:44:34 GMT
x-amz-version-id: GaAsbvjrEC4b7XnGdqFlx3DSXxFuEa8f
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: P3HMAMP0XN9RH4H4
age: 474
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: XSHIrtbYyxtWvmUtzDNDbd8X5awrtUf416v4WOsp8YQ2DHtOXQqgctimgkVaOfGZZ+1uZTmFb8w=
last-modified: Tue, 07 Feb 2023 09:20:49 GMT
server: cloudflare
etag: W/"898887036dfb6534c34d24a835ef5e2a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800,s-maxage=1800
cf-ray: 7a2148f3befb3a4f-FRA

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 48ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1638306756445368&ev=PageView&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&rl=&if=false&ts=1677840274532&sw=1600&sh=1200&v=2.9.97&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1677840274519.1626546414&ic=fbpixel&it=1677840274269&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 03 Mar 2023 10:44:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 main_a9ed8e53b3ee8a2150f1047f86aa5423.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 377 KB
74 KB 90ms
11ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_a9ed8e53b3ee8a2150f1047f86aa5423.br.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e85a7dde2d1f56ae8b7c1a4d52427889e03dd9861882944777a856988da375b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:04 GMT
content-encoding: br
age: 70110
x-guploader-uploadid: ADPycdtKZF_arwgm8CF0ECRNQcdAs7cVykLnjatvGa4VZvEFApUonZJ7xWgGx87bFZ62BARCQ7SF3S34jFuPQPQ6ar9X
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75470
last-modified: Wed, 01 Mar 2023 15:15:56 GMT
server: UploadServer
etag: "ae161daffdf775f513564d951bdbf582"
x-goog-generation: 1677683756777337
x-goog-hash: crc32c=X+yvkA==, md5=rhYdr/33dfUTVk2VG9v1gg==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 75470
accept-ranges: bytes
content-type: text/javascript

GET
H3 200 MkivvfJLOokBjajT Show response
edge.curalate.com/v1/media/ 45 KB
7 KB 390ms
389ms Fetch
application/json 2606:4700::6812:1ad3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.curalate.com/v1/media/MkivvfJLOokBjajT?appId=curalate&locale=en-us&limit=8&noExpired=true&sort=Moderation&fpcuid=5224c762-91af-4fc4-8e30-dad6722ca12c&rid=df939999-ec66-4816-b975-656ebc956d03
Requested by: Host: edge.curalate.com
URL: https://edge.curalate.com/sites/elfcosmetics-oqltbv/experiences/square-grid/latest/experience.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1ad3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71f91f68bd308ea1204cee5d226c6975f62ff4abc20ea458d54f33ee4ad8b086

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:44:35 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 03 Mar 2023 07:45:52 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: public, max-age=1800
access-control-allow-credentials: true
cf-ray: 7a2148f4785a9205-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 03 Mar 2023 11:14:35 GMT

GET
H2 200 cjs_min_d4acb22c649bb3f7d444f2201d38b121.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 47 KB
15 KB 32ms
24ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_d4acb22c649bb3f7d444f2201d38b121.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 444ee9ab2244cf739d772ea95e1b075c67ad9a994298ad28def5517f69bfc6cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:44:10 GMT
content-encoding: gzip
age: 57624
x-guploader-uploadid: ADPycdu_Jdn5Xxk-bUBod4634ezxd37GOWV3Xgqs6t3gFpHf713vS4t5oIb24KqLVPqrm7isgv0Y8KcuiCGRGWJWPDuKMHTIi3pj
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15163
last-modified: Thu, 23 Feb 2023 21:01:47 GMT
server: UploadServer
etag: "2b6c581f54c09b722f59d133938d1d54"
x-goog-generation: 1677186107846735
x-goog-hash: crc32c=uGPGaw==, md5=K2xYH1TAm3IvWdEzk40dVA==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=3600,no-transform
x-goog-stored-content-length: 15163
accept-ranges: bytes
content-type: text/javascript; charset=utf-8

GET
H/1.1 204
No Content clear.png Show response
imgs.cdn-btsg.com/fp/ Frame 13F2 0
387 B 13ms
13ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.cdn-btsg.com/fp/clear.png?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs85yti5ody2zjyxnwm5zjvlmtbinju5zgzlnq&nonce=22e961122da7e07f&jac=1&je=32383026247f6d6b3530382c3237372e3b322639313a2e7a6f3f6c6f26606b7e7b7c372735402d323a6c6d766f6c2d30382f3b493b2c38302f38412d3a32717c6b7e75732f30382d3941253a30636a697a6561666f27323027374e24697d6c6a35696335603965346f3c3039696163613e663a613f633b393a3b393c3b3c3c603d63393b35313e62366c326e643432343a383938666d3666323b6e616c303c3739246778393f6e396d673d336163643735333e3d3f3e3f66303631333e373d323e6531306c6c6b6a323339336b6b

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:44:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 inbox_02b49e81fdce836ab814f9ce203fce36.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 76 KB
20 KB 10ms
8ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/inbox_02b49e81fdce836ab814f9ce203fce36.br.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 60497a77878c8c06974db33c21ab74a3af653b5b153ff749f6ff695d37b081e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 16:09:34 GMT
content-encoding: br
age: 66900
x-guploader-uploadid: ADPycdvQBCDiS8u2rDt2V0NLcyr_qsAf-0Ou-lPEc3XAmtVTtI1r1HrI6ssaH65RfKftGSmb2k2Y9EiZ4dQo0TX9lamH3g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20196
last-modified: Wed, 01 Mar 2023 15:15:52 GMT
server: UploadServer
etag: "b0ee8431d1d6ab536d0b7db7fcc20162"
x-goog-generation: 1676310462589880
x-goog-hash: crc32c=t+saKQ==, md5=sO6EMdHWq1NtC323/MIBYg==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 20196
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 sms_2579b6aa71148c3eb940153c85a653a0.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 39 KB
11 KB 12ms
12ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/sms_2579b6aa71148c3eb940153c85a653a0.br.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: dfefa61fe882292c7c193f4ece20008118662c4e11e8be644ccf5f308cccebee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 00:29:50 GMT
content-encoding: br
age: 36884
x-guploader-uploadid: ADPycdvkdl6vX5GSNeH0Ahyztga-SdapiGr-ZurfZFtphDKQucqo7BTRytHE6BfQ3F1TT3jWKNTmKJiimPpEHRUeO3Z53fYqv7OM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11092
last-modified: Wed, 01 Mar 2023 15:16:07 GMT
server: UploadServer
etag: "a6c55fdf06b50974dfa5433b6176c2dc"
x-goog-generation: 1676407107749531
x-goog-hash: crc32c=I6kX8Q==, md5=psVf3wa1CXTfpUM7YXbC3A==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 11092
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 onsite_bda9c9f9310c72a80bd530888378f236.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 164 KB
35 KB 10ms
10ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite_bda9c9f9310c72a80bd530888378f236.br.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 98cb2f58c80faff9b6cd08f75a63eaf3571569e011d550c56274586fd65d0547

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 21:12:57 GMT
content-encoding: br
age: 48697
x-guploader-uploadid: ADPycdvQkDCeCSMu8akX8YE55D3pchD0sS7eyhu3umcgioFjWtXwL9XOJB8V656EKicY__VrKKfeHibJNX6IVXh_Bblr2ZJc1JQu
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35592
last-modified: Wed, 01 Mar 2023 15:16:01 GMT
server: UploadServer
etag: "42c29dc404d880318f79b649ce995916"
x-goog-generation: 1677532366098274
x-goog-hash: crc32c=j7e0Nw==, md5=QsKdxATYgDGPebZJzplZFg==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 35592
accept-ranges: bytes
content-type: text/javascript

POST CQRecomm-Start
www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ 0
0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-77063135-2&l=ymkDataLayer

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cd0ee672ca1f6db7d2dc5054081836b50acaabb35d8e10b75d3a61d1be93b5ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:44:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44817
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Mar 2023 10:44:34 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 Mar 2023 09:17:30 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5224
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 03 Mar 2023 11:17:30 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
23ms Image
image/gif 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 02:51:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28379
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1951359635&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&ul=en-us&de=UTF-8&dt=Affordable%20Drugstore%20Makeup%20%26%20Skincare%20Products%20%7C%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=curalate.fanreel.aj9frlcF&ea=reel.impression&el=v1%3Arid%3Ddf939999-ec66-4816-b975-656ebc956d03%26dt%3DHomepage&_u=6HgACQABBAAAAAAEKk~&cid=1014668699.1677840271&tid=UA-432816-14&_gid=31949943.1677840271&gtm=45He3310n81T7MZLHP&gcs=G100&z=608971752

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 02:51:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28380
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 events.png
edge.curalate.com/api/v1/metrics/experience/aj9frlcF/ 95 B
244 B 124ms
123ms Image
image/png 2606:4700::6812:1ad3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edge.curalate.com/api/v1/metrics/experience/aj9frlcF/events.png?xp=crl8-homepage-square-grid&rid=df939999-ec66-4816-b975-656ebc956d03&fpcuid=5224c762-91af-4fc4-8e30-dad6722ca12c&e=t%3Api%7Cts%3A1677840275029%7Cdt%3AHomepage&cache=_264ec703-1110-497f-be4e-56799936a982
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1ad3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:44:35 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7a2148f70aed9205-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95
content-type: image/png; charset=utf-8

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 0E0A 0
75 B 8ms
7ms Document
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.elfcosmetics.com
Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.elfcosmetics.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 10:44:35 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET goodVibesLaunch_D_1.jpg
www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw0e42990e/homepage/2023/01/ 0
0

GET
H2 200 goodVibesLaunch_D_2.jpg
www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw7ed1e4fe/homepage/2023/01/ 388 KB
389 KB 49ms
48ms Image
image/jpeg 165.254.56.76
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw7ed1e4fe/homepage/2023/01/goodVibesLaunch_D_2.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 165.254.56.76 Culver City, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 8f4be11ec9d571eb945d21732d360fd3e2f9ff787da8314b686462fd8e42f254

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-yottaa-forcecache: true
date: Fri, 03 Mar 2023 10:44:35 GMT
cf-cache-status: MISS
age: 31252
x-yottaa-optimizations: ob/101 si/34D1a5fe384c-1677800067-4848839322 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3421a5fe3837/[13,-,1677807409483] 34D1a5fe384c/[hit]
cross-origin-resource-policy: cross-origin
cf-ray: 7a1e26916a3d23f5-LHR
x-dw-request-base-id: mMoynRBMAWQBAAB_
content-length: 397705
expires: Sun, 02 Apr 2023 01:23:28 GMT

GET goodVibesLaunch_D_2.jpg
www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw7ed1e4fe/homepage/2023/01/ 0
0

GET
H2 200 goodVibesLaunch_D_3.jpg
www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwbbfdf744/homepage/2023/01/ 125 KB
125 KB 49ms
48ms Image
image/jpeg 165.254.56.76
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwbbfdf744/homepage/2023/01/goodVibesLaunch_D_3.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 165.254.56.76 Culver City, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: aef8bb7b2f802352570f1887fca49c47fbba7c0c8bb85161d21d5f843e3c0afc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-yottaa-forcecache: true
date: Fri, 03 Mar 2023 10:44:36 GMT
cf-cache-status: MISS
age: 31252
x-yottaa-optimizations: ob/101 si/34D1a5fe384c-1677800067-4848839333 tts/1677806163767 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3421a5fe38a1/[8,-,1677807410936] 34D1a5fe384c/[hit]
cross-origin-resource-policy: cross-origin
cf-ray: 7a1e269aee65dc87-LHR
x-dw-request-base-id: mMreuw9FAWQBAAB_
content-length: 127703
expires: Sun, 02 Apr 2023 00:53:35 GMT

GET
H2 200 dpx
async-px.dynamicyield.com/ 0
0 100ms
100ms Fetch 13.224.189.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/dpx?cnst=1&_=779112&name=HP_Visit&props=%7B%7D&uid=3039929990671093648&sec=8772046&cl=dk.w.c.ws.&ses=280ae44a6666d7a992f8bf71d1e84f72&l=def&p=1&sd=&rf=&trf=0&aud=1092373.1167402.1232212.1324059.1426804.1443347.1846919.884367.884385.884387.998337.1182144.1766794.799438.799440&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&exps=%5B%5B%22670731%22%2C%228988868%22%2C%2218038713%22%2C0%2Cnull%2Cnull%2C%221313380441616681751%22%2C%222%22%2C%223%22%5D%2C%5B%221071690%22%2C%229891223%22%2C%2225820092%22%2C0%2Cnull%2Cnull%2C%221313380442663213653%22%2C%221%22%2Cnull%5D%2C%5B%221122259%22%2C%2210259311%22%2C%2226195955%22%2C0%2Cnull%2Cnull%2C%221313380442154981850%22%2C%221%22%2Cnull%5D%2C%5B%221261284%22%2C%2211209913%22%2C%2227119924%22%2C0%2Cnull%2Cnull%2C%221313380440675288893%22%2C%221%22%2Cnull%5D%2C%5B%221319536%22%2C%2211449246%22%2C%2227343816%22%2C0%2Cnull%2Cnull%2C%221313380442337585686%22%2C%221%22%2Cnull%5D%2C%5B%221267591%22%2C%2211602858%22%2C%2227287619%22%2C0%2Cnull%2Cnull%2C%221313380441602336775%22%2C%221%22%2Cnull%5D%2C%5B%22912117%22%2C%228373984%22%2C%2222074769%22%2C0%2Cnull%2Cnull%2C%221313380441529237056%22%2C%220%22%2C%222%22%5D%2C%5B%221353627%22%2C%2211652521%22%2C%2227466877%22%2C0%2Cnull%2Cnull%2C%221313380439122031556%22%2C%221%22%2Cnull%5D%2C%5B%22787993%22%2C%227471619%22%2C%2220117319%22%2C0%2Cnull%2Cnull%2C%221313380440425605325%22%2C%221%22%2Cnull%5D%5D&expSes=34343&tsrc=Direct&reqts=1677840276891&rri=9901983&geoData=DE__
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.158.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-71.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:36 GMT
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: mGMYudBHnsiFriK2eY5bLUQRX4mwvHbBR9D1SqrLZNgl2E8VhDgpGQ==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 100ms
100ms Fetch 13.224.189.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=562270&uid=3039929990671093648&sec=8772046&t=ri&e=787993&p=1&ve=7471619&va=%5B20117319%5D&ses=280ae44a6666d7a992f8bf71d1e84f72&expSes=34343&aud=1092373.1167402.1232212.1324059.1426804.1443347.1846919.884367.884385.884387.998337.1182144.1766794.799438.799440&expVisitId=1313380440425605325&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1677840276897&rri=4737439
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.158.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-71.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:36 GMT
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: -wQ-GqbGQvx9xgBxdBWr-KKuhDqEg-uSEPXc-5oqUf-Bfb7vPduXuw==
expires: 0

POST
H2 200 batch
async-px.dynamicyield.com/ 0
382 B 100ms
99ms Ping
text/plain 13.224.189.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/batch?cnst=1&_=1677840276968_478832
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.158.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-71.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:44:37 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: hnlgxj4rPXURyCp_v9_S0oaO4H4beTy6rjaAsxhWlQ-JLF77cSqGmQ==
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.97/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw0e42990e/homepage/2023/01/goodVibesLaunch_D_1.jpg?yocs=F_

Domain: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/CQRecomm-Start

Domain: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw0e42990e/homepage/2023/01/goodVibesLaunch_D_1.jpg

Domain: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw7ed1e4fe/homepage/2023/01/goodVibesLaunch_D_2.jpg

Verdicts & Comments Add Verdict or Comment

245 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

82 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.elfcosmetics.com/	1970-01-20 10:14:05	Name: FPC Value: 7c569ced-2f06-4382-b136a59641848c3c
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.currency Value: USD
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: sid Value: VSBLZfymXM-TKlEE4xoZ2K2C2vPTKw8HOFM
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.InternationalUser Value:
www.elfcosmetics.com/	1970-01-20 14:23:12	Name: dwanonymous_1a00c2845eeb01c699351ea28e20fd92 Value: abCd8otduw7CdEeSyoF8VxcY0Q
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.location Value: US
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: currentLocale Value: en_US
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.sessionid Value: abCd8otduw7CdEeSyoF8VxcY0Q
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.LanguageIsoCode Value: en_US
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: __cq_dnt Value: 1
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: dw_dnt Value: 1
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: dwsid Value: JFN2h0v3e36bRm7MgUv8ndzx5xFkeii2MD-_eE6xUZGQ3nhghM1v9DikwOeUkOWjecHHdQO1fJIgKm_DuPAonw==
.amazon-adsystem.com/	1970-01-20 15:09:17	Name: ad-id Value: A05rL4Glxkn3ioy52eMGkLw
.amazon-adsystem.com/	1970-01-20 19:40:00	Name: ad-privacy Value: 0
.pointmediatracker.com/	1970-01-20 18:51:02	Name: c Value: c4910e93-bb28-4ea1-bf20-802b7ddbc1c8
.elfcosmetics.com/	1970-01-20 10:04:02	Name: _dyjsession Value: 5uumybfrq8u9gf4jg3sm6xmofhq4bccl
.elfcosmetics.com/	1969-12-31 23:59:59	Name: dy_fs_page Value: www.elfcosmetics.com
.elfcosmetics.com/	1970-01-20 10:04:02	Name: _dy_csc_ses Value: 5uumybfrq8u9gf4jg3sm6xmofhq4bccl
.elfcosmetics.com/	1970-01-20 10:47:12	Name: _dy_c_exps Value:
.elfcosmetics.com/	1970-01-20 18:49:36	Name: _dy_soct Value: 548957.1058632.1677840271574805.1108960.1677840271.5uumybfrq8u9gf4jg3sm6xmofhq4bccl647796.1248068.1677840271.5uumybfrq8u9gf4jg3sm6xmofhq4bccl681571.1306531.1677840271.5uumybfrq8u9gf4jg3sm6xmofhq4bccl388568.656354.1677840271
.adnxs.com/	1970-01-20 12:13:36	Name: uuid2 Value: 5530005640573688319
.myvisualiq.net/	1970-01-20 19:40:00	Name: tuuid Value: 392b8d9e-7e27-4a24-b6d6-2304ed20cd6d
.myvisualiq.net/	1970-01-20 19:40:00	Name: c Value: 1677840271
.myvisualiq.net/	1970-01-20 19:40:00	Name: tuuid_lu Value: 1677840271
.adnxs.com/	1970-01-20 12:13:36	Name: anj Value: dTM7k!M4/YF7/.XF']wIg2C$UCk*q-!@wnfH8KHJO4W`i=Caj:f_5@25dhe125No62%0qYa(tv%XVZJk!bGDB!2>h9/+0J2!8Yt:8UGhf
.yahoo.com/	1970-01-20 18:49:57	Name: A3 Value: d=AQABBI_PAWQCEJZsnL8ALrTTHEqWWxCUZ_0FEgEBAQEhA2QLZAAAAAAA_eMAAA&S=AQAAAm6NcxZr6Qd3bw_b2TSU2Bg
.casalemedia.com/	1970-01-20 18:49:36	Name: CMID Value: ZAHPkJlgvj-x6IVxGHUUxwAA
.casalemedia.com/	1970-01-20 12:13:36	Name: CMPS Value: 1125
.casalemedia.com/	1970-01-20 12:13:36	Name: CMPRO Value: 1125
.agkn.com/	1970-01-20 18:49:36	Name: ab Value: 0001%3ABLxBaBx2qDM3HL9Bxv0PsWtjKwgadboW
.dynamicyield.com/	1970-01-20 18:51:02	Name: DYID Value: 3039929990671093648
.bidswitch.net/	1970-01-20 18:49:36	Name: tuuid Value: 9da9db29-5c6e-4e2f-94b2-5654fc91d76e
.bidswitch.net/	1970-01-20 18:49:36	Name: c Value: 1677840272
.bidswitch.net/	1970-01-20 18:49:36	Name: tuuid_lu Value: 1677840272
.bluekai.com/	1970-01-20 14:28:57	Name: bku Value: b/X99Jew9VEqdD1Q
.bluekai.com/	1970-01-20 14:28:57	Name: bkpa Value: KJy9RQY5d02pSUHknp1tmexywlJkjsk0wVC65cOpJEBOJEJsJEJsz08CqVabqtT+RVHpKUB6jV6rRt2+JEJsjVB+10DpHZPTJEBWRZhNjV+CSu8Mqt6k1MjojYDpHYD0Ba2YuN2PPDkW9y9ZOH2a
.elfcosmetics.com/	1970-01-20 19:40:00	Name: og_session_id Value: 1e72a9589c4f11e9a62ebc764e10b970.997739.1677840272
.360yield.com/	1970-01-20 12:13:36	Name: tuuid Value: 86157649-c12e-4e7f-bcdd-f26e34ebafc1
.360yield.com/	1970-01-20 12:13:36	Name: tuuid_lu Value: 1677840272
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: isSkinSwitchEnabled Value: false
.ads.stickyadstv.com/	1970-01-20 10:47:12	Name: UID Value: 7b95ce6971fe48bebabdd4e7eba8d1a
.elfcosmetics.com/	1970-01-20 18:49:36	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+Mar+03+2023+10%3A44%3A32+GMT%2B0000+(GMT)&version=202211.2.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.elfcosmetics.com%2F&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0%2CSTACK42%3A0
.elfcosmetics.com/	1970-01-20 10:47:12	Name: _dycnst Value: dg
.360yield.com/	1970-01-20 12:13:36	Name: umeh Value: !416,0,1740048272,-1
.analytics.yahoo.com/	1970-01-20 18:49:36	Name: IDSYNC Value: "195g~2aay:19b9~2aay"
.elfcosmetics.com/	1970-01-20 10:47:12	Name: _dyid Value: 3039929990671093648
.elfcosmetics.com/	1969-12-31 23:59:59	Name: _dyfs Value: 1677840272339
.elfcosmetics.com/	1970-01-20 10:47:12	Name: _dycst Value: dk.w.c.ws.
.elfcosmetics.com/	1970-01-20 10:47:12	Name: _dy_geo Value: DE.EU.DE_.DE__
.elfcosmetics.com/	1970-01-20 10:47:12	Name: _dy_df_geo Value: Germany..
.elfcosmetics.com/	1970-01-20 10:47:12	Name: _dy_toffset Value: 0
.360yield.com/	1970-01-20 12:13:36	Name: um Value: !416,gQ-8tq2quMS3QKM8tU1N4KsEZ3XyFk7uTGEKG3Wb4fkv9XsL,1685616272
.ads.stickyadstv.com/	1970-01-20 10:24:09	Name: uid-bp-30833 Value: y1vjxFVbScmNWdoFyviJdQ
.adform.net/	1970-01-20 10:48:38	Name: C Value: 1
.adform.net/	1970-01-20 11:30:24	Name: uid Value: 6231478361057314790
.demdex.net/	1970-01-20 14:23:12	Name: demdex Value: 39386112616114618361621203515606872314
.spotxchange.com/	1970-01-20 10:44:19	Name: audience Value: 61e3d6e5-b9b0-11ed-8703-18c6427b0306
.dpm.demdex.net/	1970-01-20 14:23:12	Name: dpm Value: 39386112616114618361621203515606872314
.doubleclick.net/	1970-01-20 19:25:36	Name: IDE Value: AHWqTUnf7YEL0p6eH7spN0tlQTbdaamz_x3KFRc0OhT3hQgeDHbmWjQ6B-ayxNkmrks
bs.serving-sys.com/	1969-12-31 23:59:59	Name: r1 Value: 1677840272_1
.serving-sys.com/	1970-01-20 12:13:36	Name: u2 Value: eedf7fae-0e0d-4827-8b14-16947f3ff00c4Lr060
.bidr.io/	1970-01-20 19:32:30	Name: bito Value: AAAP1U7IA58AACJpDwkwxA
.bidr.io/	1970-01-20 19:32:30	Name: bitoIsSecure Value: ok
.krxd.net/	1970-01-20 14:23:12	Name: _kuid_ Value: PaYy3gIt
ads.samba.tv/	1970-01-20 19:35:41	Name: sambapxid Value: 10d6fe52703de2bd9
www.elfcosmetics.com/	1970-01-20 18:49:57	Name: _dyid_server Value: 3039929990671093648
.ispot.tv/	1970-01-20 19:40:00	Name: pt Value: v2:d77d55460610b5b377fb0086c323e69208209ef253afc5e511cd7abbfa397848\|b0f02b2fab7ddfd1fb11914a49bac01292e9537fe691f5160ae69e3247ea9023
.semasio.net/	1970-01-20 18:49:36	Name: SEUNCY Value: 8B022BE7DBD91FB4
.pubmatic.com/	1970-01-20 12:13:36	Name: KRTBCOOKIE_290 Value: 23219-pab5FX8aR_-qMpxW0E6pqA&KRTB&23261-pab5FX8aR_-qMpxW0E6pqA
.pubmatic.com/	1970-01-20 10:47:12	Name: PugT Value: 1677840272
.ninthdecimal.com/	1970-01-20 14:23:12	Name: ndat Value: LU9O72QBz5GpdQy05AiPAg==
.pubmatic.com/	1970-01-20 10:05:26	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 18:49:36	Name: KADUSERCOOKIE Value: 990A6B09-22F9-46CC-9FAB-AE3FD9C5A3A8
.elfcosmetics.com/	1970-01-20 10:04:02	Name: _cs_mk_ga Value: 0.38024245504823484_1677840273764
imgs.cdn-btsg.com/	1970-01-20 19:40:00	Name: thx_guid Value: d9a7f31b9d1743815115f1149b1baa87
www.elfcosmetics.com/	1970-01-20 18:49:36	Name: __pdst Value: d8457a04728b47a7b2b7948f6aa89631
.elfcosmetics.com/	1970-01-20 18:49:36	Name: hero-session-efcf9631-4c6b-4874-9f76-51f71464249a Value: author=client&expires=1709376274279&visitor=e96b2d4a-59b9-421e-ac0e-a412b9688de7
.elfcosmetics.com/	1970-01-20 19:40:00	Name: sm_uuid Value: 1677840935105
.elfcosmetics.com/	1970-01-20 18:49:36	Name: crl8.fpcuid Value: 5224c762-91af-4fc4-8e30-dad6722ca12c
.elfcosmetics.com/	1970-01-20 12:13:36	Name: _fbp Value: fb.1.1677840274519.1626546414
.elfcosmetics.com/	1970-01-20 10:04:02	Name: bounceClientVisit4142v Value: N4IgNgDiBcIBYBcEQM4FIDMBBNAmAYnvgO6kB0ApmAGYDGA9igLYUICWtKZDTRIANCABOMECAC+QA
elfcosmetics.my.salesforce-sites.com/	1970-01-20 18:49:36	Name: BrowserId_sec Value: Y-nCP7mwEe22xKPCG2gDeQ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://usermatch.krxd.net/um/v2?partner=amzn Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
acsbapp.com
ade.googlesyndication.com
ads.samba.tv
ads.stickyadstv.com
amazon.partners.tremorhub.com
analytics-sm.com
api.usehero.com
assets.bounceexchange.com
async-px.dynamicyield.com
beacon.krxd.net
bs.serving-sys.com
c1.adform.net
cdn-fsly.yottaa.net
cdn-scripts.signifyd.com
cdn.acsbapp.com
cdn.cookielaw.org
cdn.cquotient.com
cdn.dynamicyield.com
cdn.jsdelivr.net
cdn.pdst.fm
cdn.usehero.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cnv.event.prod.bidr.io
connect.facebook.net
dpm.demdex.net
dsum-sec.casalemedia.com
e.cquotient.com
eb2.3lift.com
edge.curalate.com
elfco11111.pcapredict.com
elfcosmetics.com
elfcosmetics.my.salesforce-sites.com
elfcosmetics.secure.force.com
external-api.jebbit.com
geolocation.onetrust.com
h.online-metrix.net
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
imgs.cdn-btsg.com
js.jebbit.com
lciapi.ninthdecimal.com
lm.serving-sys.com
loadus.exelator.com
match.360yield.com
odr.mookie1.com
pagead2.googlesyndication.com
pi.ispot.tv
pixel.pointmediatracker.com
pixel.rubiconproject.com
plugins-media.perfectcorp.com
public-prod-dspcookiematching.dmxleo.com
px.dynamicyield.com
qoe-1.yottaa.net
region1.google-analytics.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
sb.scorecardresearch.com
ssum-sec.casalemedia.com
st.dynamicyield.com
static.ordergroove.com
sync.search.spotxchange.com
sync.taboola.com
t.custora.com
t.myvisualiq.net
tag.wknd.ai
tags.bluekai.com
token.rubiconproject.com
track.custora.com
uipglob.semasio.net
ups.analytics.yahoo.com
us-central1-adaptive-growth.cloudfunctions.net
us-u.openx.net
usermatch.krxd.net
usersync.samplicio.us
w2txo5aaukx5wkdxjpzkppltoswpxyyqziplnt5g22e961122da7e07fam1.e.aa.online-metrix.net
www.elfcosmetics.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.imdb.com
x.bidswitch.net
cdn-fsly.yottaa.net
www.elfcosmetics.com
104.111.217.14
104.117.196.56
104.36.113.107
13.110.46.156
13.110.67.157
13.224.189.30
13.224.189.43
13.224.189.56
13.224.189.65
13.224.189.71
13.224.190.131
13.225.78.101
13.227.217.143
13.248.245.213
140.174.14.165
141.226.228.48
142.250.180.226
142.251.208.130
151.101.2.132
151.101.66.133
165.254.56.76
18.198.69.109
185.80.39.216
185.86.138.154
185.94.180.125
188.65.124.66
192.82.242.209
2.18.79.139
2001:4860:4802:32::36
2001:4860:4802:36::36
204.141.88.73
212.82.100.182
2600:1f18:612b:4280:e48f:9156:f9ea:12b8
2600:9000:20eb:5a00:13:d6f4:3240:93a1
2600:9000:20eb:f800:a:7914:b00:93a1
2600:9000:21f3:6600:1b:50c2:4000:93a1
2600:9000:21f3:e800:a:b89d:a6c0:93a1
2600:9000:2204:fe00:15:ad21:c740:93a1
2606:4700:10::6816:1cc
2606:4700:10::6816:cc
2606:4700:4400::ac40:9062
2606:4700::6811:180e
2606:4700::6812:1ad3
2606:4700::6813:bb61
2a00:1450:4001:82f::2008
2a00:1450:400d:802::200e
2a00:1450:400d:803::2002
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42::485
3.125.89.243
3.126.56.137
3.208.153.42
3.228.92.231
3.64.167.250
3.67.114.199
34.117.233.127
34.120.253.250
34.160.236.64
34.255.210.6
34.98.72.95
35.244.142.80
35.244.159.8
37.157.3.30
37.252.173.215
44.230.85.187
44.241.147.216
45.79.78.239
46.137.131.3
50.17.237.61
52.2.163.124
52.32.82.189
52.40.167.203
52.45.0.112
52.45.233.190
52.46.151.131
52.57.140.221
54.241.49.209
69.173.144.165
77.243.60.138
91.235.132.130
91.235.133.113
91.235.134.131
020da0825330e19eef417005d005ad730b7c875200d5f16057bcd32230f30b84
0232c842afa32c041223fc8ef697660bae9caeac0a4ea9d596d421cd5a7e46ca
055ee6f4aed068617e7ef04a3338d7bf71e7768acb90de0066504bc3a2f97650
05afd7115e1e4e6835deb4080f8b300a058786683a9ef7ec2af25e4038885905
08200626ba06885c7a9e4ff3c6ccb778055d293690b5004d3d2862e779d7e9fb
09997b6cba6fd1ffb6aaf43c2900c4f5d3bc291913be9105eb91e8a4a1277d71
0c9db9dddd952893ef706c0883ccbc82e9685a737fb526ef107640cd881ce58a
107abdab47bc6e811abe1faefede9dcfa66994af4579784d525cca586b58c48e
12acf0cde9105ca35b079104e27341413fb68164085916505c077cf58748abc3
133b0a1570d26f9e1beeecaeb4587a8f449c65bff8c87895cdd7e98879644ba6
1a55fa64fdace75513520ac7ff9a0fcb193805ba870692498b4e9cea3bd24821
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c
1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
216afb6f186f4f8c2cf9c92bc7ce3f2b56809533e57c2bec3dc8533615a75f4b
282941064f69458a172fd4afde71d175e6052eef6a63affe4c2bd3e924a26712
2cbe017fe7e67d89efb5f94d146b58c03cc8968142131ea3cb7f8cf0def77347
2d5b0823d6090e46f9cae27a6bd568a72b50c1e5f4673724ea2473cb9c45354d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e6fdfe0de25d903ebf13597e3ac3615fb3c50df486cdf1da967650fcabae659
31d7791f74b6575b6dfa09e3e3f01c5425e48ad23c1f433a9ecf214cd432e55f
38a48aa40c4250549d94e857f51799512f160e05fe3d4bce0d1b5167ad5bcf00
3cf5ecbc6fdf0be77cf51c616aab7400551c43efeff3ada55df9a2ae34873ca6
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002
3f1d956810dfba4137ce3ff24407f5e13694578b3fb1440468f28ed6f6146b24
400efdf33f8a4a3eaa2b9f6bd5134f1f2920dd0d2c9f9199c27087550e89876b
40c8084ce459211c73bf91eaa18b6152cc5fc9e29245dcec381da35ee51334b0
444ee9ab2244cf739d772ea95e1b075c67ad9a994298ad28def5517f69bfc6cb
45b63f0d0a7511f0d7514737e55979d4816a55983da3e4dfb6710b0f5cda1b74
4828ebff78e3165481adef4c5a40bab4a6c4463ed0fa1bf4907e26a7fb210591
49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b
49d7b4f1b3b628c4e142db709888548f3acdf83f82d2c7207070ca94a70d14b4
4a609c6dfff57a1865067c376468a736ee9f8d0578ef52c3063738c8c30986c9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5073f4bda3ea4b5498e86e724999dda152b3409601495176a6ab3898fac311c1
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a820970b045c22f53b3ef7ccae7c60f8e9310aaac93a08799b87a02bc612665
5d79259c387e0f2378ee747f26ddef86ab31acdf3e580754bae02b984c747197
5da24ddb5291d2988d5eba22ab1a1662b87c35a6dd93c64293726eccf6477229
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
60497a77878c8c06974db33c21ab74a3af653b5b153ff749f6ff695d37b081e8
6176ab5474618b01560e91abd7c354b6116cf9de79963c6c9860e89a2459f7cf
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
69dc008077fc9368a11f50ec07b2349100903b7a1907bd349bf54ab720cbd136
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c94b4779bff56e7086c76e350336d941709016205282c9271a887f1547f717c
6e232450eec8cdc7668d021128de7b83bf86dcc7bdad5579eb72d6e3c5b9a2d1
71f91f68bd308ea1204cee5d226c6975f62ff4abc20ea458d54f33ee4ad8b086
72c5160735731f9f054697ed9335fc818efb207ca5f2706f2ed7a59094e2d0d8
73298c5946d1119054eab2d334cc97c4ecf0e77c5a2387b7249351e101fcbe37
7704375b3e9267d0f55e59bb604f42daa4e367d2e08cdf531c95f79c9a11f9b5
790058d7104da64744d1f439afc947be13c7cbb25e1b51b64ffa9ef20832fa44
82593b7e1b1ddbf7167fa7104f05c270489ce0fa63bcb5c4823dc19834b18f58
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846745b9f0e7bb77e945f00c4255540eefc3c2335f9f596895589ff58967f465
852954354453a8fa24b0bda5f642431438019a2e59fea518fab1c2e3702b0089
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
87af221020046d4592e8fe13ee1ffead5ed18e9adbd99cd0d03f5b39519908a4
891925a10bb04f4e4a7080bd887c0e7330410c5ec5b4657abf9f0906ceff85b6
89c801bc7af033c0ff6958504b5894bfb6ee2625277685c87f9bfe969f308f9f
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8f4be11ec9d571eb945d21732d360fd3e2f9ff787da8314b686462fd8e42f254
90e61cbd46c110174d83659465c52940a4e2721c7d30dbeb90ebda310466d3f3
92aaca5a334e215f2dfca87a6c6dee3f870294815e5f90f5ccf018bbf06be596
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
96a3358dcb988a6b2d0d6f409533b6e242b79f248d58bb9731860246481eb585
98cb2f58c80faff9b6cd08f75a63eaf3571569e011d550c56274586fd65d0547
9921de3508095a5524f6f35a0fa6d22077ed495adc9d58605ce53c8e0b89c4f6
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bb422e4efd4af11054081bda08e586e2b39736f62062e6652e7828133ca0b02
9c74f254c6706f1b11f2d701bbc57dad1913884b1e64020bb1971368784840d2
9fda1eda2d3938f8a76c75ca52a3720612ebf57e1da9884d73159f48beb2a3e4
9ffc6a618811ab08cd3ffd3ed154f98e67a785daa12824a44a99854f968f1993
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a43d16995a1116f83c7704b3c1acdae8672693ae7d259a57f3634b6ad6a956b7
a5ebd5f45a4d70cbce2f565c7479b1052f4a2d6af748969b590fb20b35a9058d
a687ab1a8045dcd662c262daace7e26921853deb833a1c692db5164604a0ee74
a788adfe7140c420c31160d3c6b672d2cfc2790dec4423f51c10687a3cf6312e
a7d87091d363393cdfb559f44f41e447f70b67917b9dedb3e97c2a8d476e1ea8
a9b2a97b95ecaab1920aba84b26169c23a38e0513c2d4423ab9c0102b96cb195
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
acb3511f732562de4549b37fe6f6a43a7cd624c8e7dc81fabe5fa05d43ded188
ad3a30e9a818e22c8f16792348125f8ef1dd28bc20c1d12e23c163c2cd5be07c
aef8bb7b2f802352570f1887fca49c47fbba7c0c8bb85161d21d5f843e3c0afc
b1e98cfe6c9197e8395ffa94d6cc16cfae68dacd6a44392625c6d21ea71b1457
b5fb3ebbf40563c91f4e8565aa6257ed735ca0a075f0f78b18bddda655cc8434
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c66960fd249e74cd61ae9b9ed92f21e038feb67be2f7c4c9ced6f00cfb193bf5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cab52dc3525d23d87fc3337ea17253060c6f723389a33e62699d510f1878972b
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cd0ee672ca1f6db7d2dc5054081836b50acaabb35d8e10b75d3a61d1be93b5ee
cd5ae643e89170860b9bca1805cb663625a9006ecfcdf8749d3ee7d498d40629
cf5968df6950811af6d4b89af7ff179df0bc38d1bd8374cfba37828341186445
d227b8698fe32235126f6bbdde8805dd4330a1a2f909eec1261f58c52d559c4a
d3b21e77de6f67b4a530f42d9aa7c0bb9afea74c2372c22f58a8dfa5f5a05bae
d6e1f05e590ddd81cdedefacedca609d2560b65de9fe51a4e030051275671e14
da9a77e15c8cbf2596563d3bc8020cc9e547d2b99976a0b77f5eeadf1c492feb
dce1686ab8414249a2135c0d765b4694cc13a0942c338dc426935e96a47e7692
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dfefa61fe882292c7c193f4ece20008118662c4e11e8be644ccf5f308cccebee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a8112252b50b4b89f7b39ecd63b218133284fcd7e1e5bef85baf3bc80220d8
e6737c72549c4a9f37c6decdd5118aaca00ddcd1716d3506e530d2a6926d8bdc
e85a7dde2d1f56ae8b7c1a4d52427889e03dd9861882944777a856988da375b3
e9320fb9cf32f0763c597acec29a63ffb220d538acd75e75b47e2029258c4471
ec650428fc453feac2ec02390ae0ab2eb0e28cfa657fac758652edf13a9befc8
ef01c7ec294cd078695a8594328731d6b2c20661f29c58a21d333acb4207ab8c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4a0a386be0745346bdbbb04735249591dcc13e2d36a444f2ff08f70b236868
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f3c21d2e499961096727a9c72b9cc68bb32f9435b819cf966a3943ad16163fa3
f728b2a3472bdb7b12fe2b3ad324f86306d5ebfd9a22970cdb9d75865437181f
f9ffe1174d267725dc5c46203d0795ec0c2e489e270a8368b73303bb894e7a41
fdbbf833a530e094f1e0ae35177214f92178dbab384f343ffbf9ec41d7b164a2

www.elfcosmetics.com Open in urlscan Pro 165.254.56.76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

198 Requests

79 %HTTPS

24 %IPv6

66 Domains

85 Subdomains

55 IPs

8 Countries

11065 kBTransfer

19294 kBSize

82 Cookies

19 Outgoing links

Page URL History

Redirected requests

198 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.elfcosmetics.com Open in urlscan Pro
165.254.56.76 Public Scan

Screenshot
Live screenshot

Full Image

198
Requests

79 %
HTTPS

24 %
IPv6

66
Domains

85
Subdomains

55
IPs

8
Countries

11065 kB
Transfer

19294 kB
Size

82
Cookies

198 HTTP transactions
3 data transactions